Lab

Vulnlab is a private lab environment for Patreon subscribers with various vulnerable machines. The lab is integrated into the vulndev discord server and includes machines that cover: Active Directory, Windows Internals, Phishing & Recent Vulnerabilities. It’s mostly focused on custom exploitation but also has some CVE machines for particulary interesting ones. All lab machines are shared at this point (this might change in the future).

Hall Of Fame

State: 18.01.2023

1    756   macz
2    695   szymex73
3    407   r0BIT
4    340   ToBeatElite
5    327   jkr
6    262   P0
7    232   kozmer
8    230   Wh04m1
9    180   pain
10   121   xlth
11   120   snowscan
12   110   drb
13   100   S1nB4d
14   57    xct
15   40    Jester
16   30    poppe
17   30    theGuildHall
18   12    valent1ne
19   10    trustie_rity

Machines

These are single machines where you gain a foothold, grab a user flag & then escalate privileges.

  • Job (Windows)
  • Baby (Windows)
  • Feedback (Linux)
  • Rainbow (Windows)
  • Rainbow2 (Windows)
  • Data (Linux)
  • Unchained (Linux)
  • Breach (Windows)
  • Zero (Linux)
  • Bruno (Windows)

Chains

Chains consist of 2-3 machines that are meant to be exploited together. This is usually Active Directory.

  • Lustrous (Windows)
  • Trusted (Windows)

Labs

Labs are big environments to practice pentesting / red-teaming (as in exploit the lab with minimal detections).

  • Shinra (~15 Machines, Windows & Linux, AV/EDR, Applocker, WDAC, MSSQL, ADCS, multiple Domains/Forests)