Teenage internet usage is on the rise. With the increase in activity comes a need to train students to be secure online. But awareness campaigns and top ten lists aren't enough. With the ever evolving attack vectors, students need to be able to adapt and recognize potentially malicious attacks. Literacy is therefore the best course of action when teaching students how to be safe and secure online. And a course will need to have a hands-on component, so that students can experience attacks in a safe and secure environment, as well as be able to recognize attacks when they happen.

The objective of this paper is to create a lab framework to be used with a security literacy course. This framework will be modular, with the ability to add new modules as new attacks, and new types of websites come about. The lab will need to have the ability to evolve with the ever-changing attack landscape. In this paper, I present, in detail, how this framework works, and what components are necessary to make this framework successful.