Stack behind web security education
Every tool and protocol used in Skelvorad webinars is chosen for how well it holds up under real attack conditions — not for how well it looks in a feature list.
Sessions run on infrastructure that mirrors production environments — participants see the same conditions an attacker would encounter.
How the platform is assembled
Skelvorad does not use generic webinar software. Each component was selected or configured specifically for security-focused instruction — where demonstrating a vulnerability live, without breaking the session, is a hard requirement.
Isolated streaming environment
Live sessions run through a containerised broadcast stack that separates the presenter's demonstration environment from the delivery channel. When an instructor runs a SQL injection or SSRF demonstration, the exploit executes inside a sandboxed network segment — visible to participants through a mirrored stream, but fully isolated from any external system. Latency is kept below 900ms to keep real-time tool output readable.
Participant-accessible practice targets
Each webinar includes a set of intentionally vulnerable applications deployed per-participant — not shared instances. Participants get their own OWASP WebGoat, DVWA, or custom-built targets depending on the session topic. Lab environments spin up automatically at session start and are destroyed at close. No persistent state means no cross-contamination between participants and no residual exposure after the session ends.
Instruments shown in practicals
Sessions do not introduce tools abstractly. Burp Suite interception, Nmap service enumeration, Nikto scanning, and Metasploit module usage are demonstrated against live lab targets during the session. Instructors walk through output interpretation line by line. Participants can replicate every step in their own lab instance simultaneously, which is why the per-participant isolation in the previous layer matters.
Recording, access control, and audit
All sessions are recorded at the stream level with chapter markers generated from the instructor's slide transitions. Access is controlled through time-limited signed tokens — no public links, no shared credentials. Participant activity inside lab environments is logged for post-session review, which helps instructors identify where participants got stuck and adjust the next session accordingly.
Why the stack is not static
Web application attack surface shifts as frameworks evolve. A session on JWT misconfiguration delivered in early 2024 required different tooling than one addressing the same topic after algorithm confusion vulnerabilities became more widely exploited. Skelvorad updates lab configurations and tooling selections between session cycles — not on a fixed calendar, but when the threat landscape warrants it. Participants who attend repeat sessions on similar topics will encounter different lab scenarios.
Standards alignment
Content maps to OWASP Top 10, NIST SP 800-115, and CWE classifications. Participants can cross-reference session material against published frameworks without translation.
Accessibility of tooling
Every tool demonstrated has a free or community edition. Participants are not required to purchase commercial licences to follow along or practice independently after the session.
"Choosing a tool for a live session is different from choosing one for a pentest report. It has to be explainable step by step, produce output that reads clearly on a shared screen, and fail gracefully when something unexpected happens in the lab."