Two new time-efficient Professional Lab scenarios are now live:
Control
and Intercept
.Control and Intercept are small Active Directory scenarios that simulate configuration gaps in enterprise systems. Control contains 2 machines and 3 flags that mimic a realistic multi-stage attack that focuses on exploiting web applications, abusing management tooling (OSCTRL / osquery), and leveraging operational misconfigurations. Intercept contains 2 machines and 2 flags that cover common Active Directory vulnerabilities and misconfigurations, demonstrating how relay attacks and authentication coercion attacks can be used to get access to a domain.
You'll gain practical skills in:
- Web application reconnaissance and exploitation
- Container escape and host compromise
- Credential discovery and use
- Abusing NTLM relay attacks and Active Directory certificate service
