Add Background Images Here
Stacks Image 1590
Stacks Image 1592
Terms and Conditions
By accessing the CyberLabs you agree to Rocheston's Terms and Conditions.
New Labs are added every week. Upload your solutions to Cyberlabs portal. Claim your CPE credits.
We have thousands of sophisticated and highly advanced cybersecurity challenges in our Cyber Range. The Cyber Range Sphere is available to RCCE Level 2 students.
Road Roller
Launch SQL Injection, LFI, RFI and broken access controls attacks. Compromise mysql database, ssh and web servers. Break web applications. Use lynx browser to access the web sites.

Challenge 1
Road Roller

Stacks Image 1450
Look for cryptographic failures and use hash and salted techniques using scrypt, Argon2, PBKDF2 or bcrypt.

Challenge 2
Rain Rage

Stacks Image 257
Threat modeling is advised for crucial verification, access control, application logic, and essential flows. Implement them.

Challenge 3

Stacks Image 270
Scan and identify Vulnerable and outdated open source components. If the program is insecure, unsupported, or outdated, there may be vulnerability-related hazards.

Challenge 4
Swamp Stomper

Stacks Image 283
As more sensitive information is stored in databases, vulnerable to security breaches, data integrity concerns become essential for software. Launch sqlite and encrypt the databases and tables.

Challenge 5

Stacks Image 1328
Prevent Ransomware attacks. Configure system wide data security by encrypting the folders and enabling logging.

Challenge 6
Melomy Brutal

Stacks Image 1341
Apply VPNs, Proxy and Tor circuits. Implement secure network traffic.

Challenge 7

Stacks Image 1354
Path traversal unsafe deserialization flaws can be introduced when languages and frameworks allow untrusted serialized data to be expanded into an object, often when web applications are communicating user or saving application state.

Challenge 8

Stacks Image 1367
Sensitive data exposure issues can be introduced when applications access unencrypted data, particularly personally identifiable information (PII) and other regulated data types.

Challenge 9
Anger Midnight

Stacks Image 355
Scan the directories for source code vulnerabilities as part of DevSecOps (SAST) checks. Fix the c++ code with vulnerabilities.

Challenge 10
Time Turkey

Stacks Image 373
Generate self-signed SSL certificates and install them in Apache.

Challenge 11
Crunchy Bobby

Stacks Image 386
Generate RSA and ECC public / private key pairs using openssl libraries. Generate 2048 bit key with digital signatures.

Challenge 12
Weeping Quake

Stacks Image 399
Secure the sshd server and limit password authentication and enable only public-key authentication.

Challenge 13

Stacks Image 415
Use Rocheston Cybersecurity Framework (RCF) to lock down the Linux server.

Challenge 14
Shoulder Bobby

Stacks Image 766
Configure firewall using ufw, iptables and ip routes. Apply least privilege and permissions.

Challenge 15
Hammer Turkey

Stacks Image 753
Find hidden process and ports using unhide.

Challenge 16

Stacks Image 740
Scan the server for vulnerabilities, malware and rootkits. Look for kernel and process based injections.

Challenge 17

Stacks Image 727
Implement Intrusion Detection and Intrusion Prevention using snort network sniffer. Log them to a file for later analysis. Configure the standard OWASP snort rules.

Challenge 18

Stacks Image 714
Secure the web server using WAF firewalls using mod security-apache. Configure Apache for secure deployments.

Challenge 19
Rain Mutt

Stacks Image 701
Use various tunneling techniques such as httptunnel (htc and hts), icmpshell (ish, ishd), stunnel and DNS tunnels. Use encryption in these tunnels.

Challenge 20

Stacks Image 688
Start and configure the following services dnsd, snmp, ftpd,sshd and httpd. Implement cybersecurity hygene while starting and running them.

Challenge 21

Stacks Image 675
Delete files securely so that, it is impossible to retrieve through forensic analysis. Use secure-delete tool.

Challenge 22

Stacks Image 662
Hide sensitive documents inside a photo using steganography tools like outguess and stegsnow. Detect the steganography using stegdetect.

Challenge 23
Rain DriveIn

Stacks Image 649
Create password protected encrypted directory. Generate 12 character random wordlist using crunch and use hashcat to crack that encryption directory.

Challenge 24
Frog Piggy

Stacks Image 636
Be a coder. Compile programs in gcc+, python, perl and php.

Challenge 25
Roid Mutt

Stacks Image 623
Develop applications using NodeJS.

Challenge 26

Stacks Image 610
Check the system for vulnerabilities and publicly available exploits run chkrootkit. Use splint to check C programs for security vulnerabilities and coding mistakes. Use lynis to audit the Linux system.

Challenge 27

Stacks Image 597
Launch nmap scans and ARP protocol to discover and fingerprint IP hosts on the local network. Use arp-scan. Detect Port scans using portsentry. Run ZMAP to scan the entire IPv4 address space. Run sshguard to protect the server from brute-force attacks.

Challenge 28

Stacks Image 584
Run clamav antivirus on the entire Linux system to scan for viruses, malware and ransomware payloads. Use clamscan tool.

Challenge 29
The Samedi

Stacks Image 571
Run web based phproxy to proxy local connections to the Internet bypassing firewalls. using corkscrew tunnel SSH connections through proxies. Tunnel (ptunnel) TCP using ICMP echo requests. Use proxytunnel to reach outside destinations.

Challenge 30
Magic Midnight

Stacks Image 558
Launch Man-in-the-Middle (MiTM) attacks using Ettercap. Run Wireshark (tshark), tcpdump and sshscan.

Challenge 31
Quark Brutal

Stacks Image 545
Crack passwords using hydra, john the ripper and hashcat. Generate strong passwords using pwgen.

Challenge 32

Stacks Image 532
Launch Ransomware attacks. Compile encrypt/decrypt C++ code. See how the attacks works in real time. Work with encryption keys and bitcoin payment requests.

Challenge 33

Stacks Image 519
Assemble and disassemble software programs, executables using Radare2. Extract information like relocations symbols, and various other types of data. Edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb server.

Challenge 34

Stacks Image 506
Launch brute-force attacks against WiFi setups using reaver and aircrack-ng.

Challenge 35

Stacks Image 493
Conduct forensics investigations using dcfldd, sleuthkit and TSK. Examine several filesystems such as NTFS, FAT, exFAT, HFS+, Ext3, Ext4, UFS and YAFFS2.

Challenge 36
Crunchy DOOM

Stacks Image 480
Master bash shell linux commands.

Challenge 37

Stacks Image 467
Dovecot is a Mail Delivery Agent, written with security primarily in mind. IMAPS and POP3S are more secure because they use SSL encryption to connect. Configure IMAP(143) IMAPS(993) and POP3S(995). Use mailx and mutt to send send/receive messages. Install dovecot self-signed SSL certificates and create rocheston mailboxes.

Challenge 38

Stacks Image 454
Bypass firewalls. Hide a SSH server behind a http server using sshttp. Multiplex SSH/HTTPS traffic.

Challenge 39

Stacks Image 441
Compile Java applications. Generate JAR/servlet files.

Challenge 40
Green Monkey

Stacks Image 428
Infect the system using PHP backdoors. Move the malware into /var/www directory and access the website using lynx web browser.

Challenge 41
The Maker

Stacks Image 1130
Create malware payloads using Metasploit Framework msvenom. Generate payloads for asp, java tomcat, aspx, bash, php, exe etc.

Challenge 42

Stacks Image 1117
Inject backdoors and spyware into Linux kernel and launch supply-chain attacks. This high intensive lab will take about 10-15 minutes to setup.

Challenge 43
Frog Nugget

Stacks Image 1104
Launch denial-of-service attacks using torhammer.

Challenge 44
Magical Eagle

Stacks Image 1092
DansGuardian is a web content filter that blocks content of pages based on phrase matching, PICS filtering and URL filtering. Configure and run DansGuardian with Squid proxy.

Challenge 45

Stacks Image 1078
Wordpress is a web content management platform. Launch Wordpress and upload malware plugins and php backdoors. Create stealth hidden malicious Wordpress accounts.

Challenge 46

Stacks Image 1065
Build and manage PKI CA using easy-rsa. create a root certificate authority and request and sign certificates including intermediate CAs and certification revocation lists (CRL).

Challenge 47
Flash Punch

Stacks Image 1052
Setup a fake DNS server with dnsmasq. Provide fake domain mapping to phishing attack targets. Trace a chain of DNS servers to the source using dnstracer. Use dnstop to display DNS traffic on the network.

Challenge 48

Stacks Image 1039
Use DosBox emulator to launch classic Win 3.11. Use httrack and wget to mirror a website.

Challenge 49
Jonathan James

Stacks Image 1027
Recover deleted files from an ext3 and ext4 partitions using extundelete. Create a fakeroot environment for honeypot activities. Perform data carving using foremost and whdd.

Challenge 50

Stacks Image 1013
Perform IT and Asset management using glpi framework.

Challenge 51
Albert Gonzalez

Stacks Image 1000
Use Google's framework gtest for writing and compiling C++ DevSecOps pipeline. Google test can help you to write secure C++ codes.

Challenge 52

Stacks Image 987
GlusterFS is a scale-out network-attached distributed storage filesystem. It is used in cloud computing, streaming media services, and content delivery networks. Configure and launch GlusterFS.

Challenge 53

Stacks Image 974
Conduct vulnerability scans using Openvas security scanner. Configure scan rules and threat levels.

Challenge 54

Stacks Image 962
Use Sagan real time log analysis & correlation engine to manage IDS/IPS deployments. Configure alert rules and send them to syslog servers.

Challenge 55

Stacks Image 948
Use WebAssembly libraries to compile and run classic virtualized operating systems like MacOS 8.

Challenge 56

Stacks Image 935
Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Provides encryption to any application using TCP. Configure tcpcrypt and inspect the network traffic using tcpdump and rcpreplay.

Challenge 57
Fine Eagle

Stacks Image 922
Automate SQL Injection Penetration Testing using sqlmap. Extract the databases and crack the passwords.

Challenge 58

Stacks Image 909
Nikto is a free software command-line vulnerability scanner that scans webservers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. Launch nikto.

Challenge 59

Stacks Image 896
Launch Phishing attacks using phishing-as-a-service framework. Deploy fake login templates and use reverse proxy tool ngrok.

Challenge 60

Stacks Image 883
Brute-force SSH, FTP, HTTPS, RDP, Web application credentials using Hydra. Attempt credential stuffing attacks.

Challenge 61

Stacks Image 870
Use WebAssembly libraries to compile and run classic virtualized operating systems like NeXTSTEP.

Challenge 62

Stacks Image 857
Add trojan backdoor to a Windows .EXE program.

Challenge 63

Stacks Image 844
RSB Reverse Shell Backdoor is a framework to control infected machines with network interactions. It's capable of sending files, run programs in the background, take screenshot, etc. Launch this tool.

Challenge 64
The Nugget

Stacks Image 831
A web backdoor manager in python, using PHP libraries from weevely. Exploit the system.

Challenge 65
Fine Samedi

Stacks Image 818
Generate large prime numbers and exhaust the system's memory. Launch CPU starvation attack.

Challenge 66
Snowy Ball

Stacks Image 805
Launch Distributed denial-of-service attacks. Run client and server. Control the zombies with persistent connections.

Challenge 67

Stacks Image 792
Destroy the Linux server. Delete all files and make the system unbootable.

Challenge 68
Eggs Angel

Stacks Image 790
A STUN (Session Traversal of User Datagram Protocol [UDP] Through Network Address Translators [NATs]) server allows NAT clients (i.e. IP Phones behind a firewall) to set up phone calls to a VoIP provider hosted outside of the local network. Setup and configure STUN server.

Challenge 69
Maddening Bang

Stacks Image 1182
Play DOS games using Dosbox. Learn about nested virtualization here.

Challenge 70

Stacks Image 1161
Modify the Kobiri Linux kernel and enable networking. Open the GUI web browser and go to

Challenge 71
Bow Nugget

Stacks Image 1168
Configure and launch LDAP server using openldap. Enable authentication and access controls using LDAP in php applications.

Challenge 72
Flash Starke

Stacks Image 1169
Launch netcat between 2 machines. Send files, launch programs and upload malware.Launch 2 browser instances and connect between them.

Challenge 73
Kangaroo DriveIn

Stacks Image 1215
Scan for vulnerabilities in Play Unlimited website.

Challenge 74

Stacks Image 1285
Scan for vulnerabilities in The Cappa Website.

Challenge 75
Hammer Maker

Stacks Image 1298
Scan for vulnerabilities in NFTMAK Website.

Challenge 75

Stacks Image 1395
Scan for vulnerabilities in Fly Next Website.

Challenge 76

Stacks Image 1408
Scan for vulnerabilities in Rock Fest Website.

Challenge 77

Stacks Image 1421
Scan for vulnerabilities in BitBetio Website.

Challenge 78
Hammer Vikings

Stacks Image 1452
Scan for vulnerabilities in Caferio Website.

Challenge 79

Stacks Image 1465
Expose internal ports and services (http, ssh, FTP, etc)via pagekite. View tunneled web applications using an external web browser. Fix phymyadmin web app.

Challenge 80
Melomy Mayhem

Stacks Image 1478
Hack the mongo database. Download system and product tables.

Challenge 81
Crunchy Quake

Stacks Image 1515
Use macchanger to generate random mac address. Bypass mac based firewall filtering.

Challenge 82

Stacks Image 1528
Redirect connections through SOCKS/SSH or HTTP proxies using proxychains4, and proxytunnel.

Challenge 83

Stacks Image 1541
RSA encryption. Given N = p*q and two primes:

p = 19466076888822080079988762790841930153162780656057
q = 25319590701517195426198849465620835351216893075841

What is the totient of N?

Challenge 84

Identify steganography used at and extract the message (brute force the password)

Challenge 85

Stacks Image 1582
Launch 2 instances of mysql. Access mysql using root login with no password to another instance. You will need to enable remote root login in the first instance.

Challenge 86

Stacks Image 1618
Launch 4 instances. Run nmap scan on the network. Block the scans using firewall iptables rules. Connect sshd sessions between instances. Harden the access by implementing RCF framework guidelines.

Challenge 87
Flash Whispers

Stacks Image 1633
PostgreSQL is a powerful, object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. Configure and manage Postgre databases.

Challenge 88

Stacks Image 1646
Scan for ssh servers using scanssh tool. Generte sshfp DNS records using sshfp. Protect networked hosts from brute-force attacks using sshguard. Use sshproxy to connect without passwords or keys. Hiding a SSH server behind a HTTP server. Run zssh to transfer files to a remote machine while using ssh.

Challenge 89

Stacks Image 1659
Nginx server is misconfired. fix the site by loading /var/www/chess game. Add self-sgined SSL certificates and enable javascript in elinks terminal browser. Configure nginx for reverse proxy to connect to websockets.

Challenge 90
Fight Angel

Stacks Image 1672
Using sslh, accept HTTPS SSH OpenVPN Tinc & XMPP connections on the same port.

Challenge 91

Stacks Image 1685
Use airsnort to recover encryption keys. Passively monitor transmissions.

Challenge 92

Stacks Image 1698
BIRD is a routing daemon that can be used to establish BGP sessions between servers on the Intenet. Confiure and enable bird daemon.

Challenge 93
Magic Bobby

Stacks Image 1711
Ansible is a radically simple model-driven configuration management, multi-node deployment and remote task execution system. Ansible works over SSH. Configure and deploy Ansible packages.

Challenge 94
Baron Monkey

Stacks Image 1724
Defend againt ransomware attacks. Backup the linux system using backintime.

Challenge 95
Green Piggy

Stacks Image 1737
Configure round-robin load balance using balance tool. Add resiliency to nginx server.

Challenge 96

Stacks Image 1750
blogotest is a lightweight sqlite blog engine. Publish posts and articles using blago.

Challenge 97

Stacks Image 1763
Scrub iteratively writes patterns o files or disk drives to make retrieving data more difficuly. Wipe directories using scrub.

Challenge 98
Fight Starke

Stacks Image 1776
mitmproxy can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. Launch 2 instances and monitor the traffic between them using mitmproxy.

Challenge 99

Stacks Image 1789
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. Run wig against target networks.

Challenge 100
Harpy Rage

Stacks Image 1802
This exercise explores the use of Linux ACLs to provide access control over files, with more flexibility than the access control offered by traditional Linux file permissions.

Challenge 101

Stacks Image 1815
This exercise explores the use of ARP spoofing as a means to sniff local network traffic. Modern Local Area Networks (LANs) use ethernet switches, which prevent passive sniffing of network traffic between other components.
Stacks Image 2766

Challenge 102

Stacks Image 1828
The objective of this lab assignment is to introduce students to features of common backup utilities, and to perform a few basic experiments to determine the effects of verification, compression and encryption on backups.

Challenge 103

Stacks Image 1841
This exercise introduces Border Gateway Protocoal (BGP) fundamentals, allowing students to configure BGP routers and view their behavior. The lab uses Bird routers, which is an open source Linux-based router implementation.
Stacks Image 2768

Challenge 104
Strategic Penguin

Stacks Image 2062
This exercise introduces the Open Shortest First Path (OSPF) routing protocol, allowing students to configure OSPF-enabled routers and view their behavior. The student will use OSPF to spoof routing tables, leading to malicious mis-routing of traffic.
Stacks Image 2770

Challenge 105
Nuclear from Mars

Stacks Image 2075
The bufoverflow lab introduced you to buffer overflow vulnerabilities and potential exploits of those vulnerabilities. That lab included a vulnerable program that ran as a 32-bit x86 application. This lab includes the very same vulnerable program source code, however it compiles and runs as a 64-bit application.

Challenge 106
Puppy Encounter

Stacks Image 1971
The learning objective of this lab is for students to gain first-hand experience with a buffer-overflow vulnerability by putting what they have learned about the vulnerability from class into action. Buffer overflow is defined as the condition in which a program attempts to write data beyond the boundaries of pre-allocated fixed length buffers.

Challenge 107

Stacks Image 1984
The learning objective of this lab is for students to gain first-hand experiences on the use of capabilities to achieve the principle of least privilege. This lab is based on POSIX 1.e capabilities, which is implemented in recent versions of Linux kernel.

Challenge 108
Rise of Autonomy

Stacks Image 1997
The objective of this exercise is to give the student some hands-on experience with syslog
configuration and testing.

Challenge 109
Battlefield and Week

Stacks Image 2010
A selection of over two hundred vulnerable network services created by DARPA for their Cyber Grand challenge (CGC)1, are available for your exploration and experimentation.

Challenge 110
Return of Puzzle

Stacks Image 2023
This lab introduces methods of using access control mechanisms to limit the sharing of information within a database. In this lab, you will perform the duties of a database administrator (DBA) working for a company that is implementing an online database to manage information about the company and its employees.

Challenge 111
Space Machine

Stacks Image 2036
This Labtainer exercise explores the use of the denyhosts utility on a SSH server to limit SSH login attempts from an IP address.

Challenge 112

Stacks Image 2049
This lab illustrates a simple DMZ. It is intended as an example network topology definition for Labtainer exercises.
Stacks Image 2776

Challenge 113
Sniper Preacher

Stacks Image 1906
This lab requires that you configure a DMZ using iptables on two gateway components.
Stacks Image 2778

Challenge 114

Stacks Image 1919
This exercise introduces some basic functions and protocol elements of the Internet’s Domain Name Service (DNS). The student will interact with an example enterprise having a local DNS server and several computers.
Stacks Image 2780

Challenge 115
Sleepy Stapler

Stacks Image 1932
The goal of this lab is to familiarize students with some issues related to file deletion.

Challenge 116
Relentless Juggalo

Stacks Image 1945
One difficult question facing system administrators is this: how can I tell if my system has been hacked? Yet another difficult question is: in the event that an attack is identified, how can I tell which files were modified, or deleted, or added?

Challenge 117

Stacks Image 1958
The formatstring lab introduced you to printf vulnerabilities and potential exploits of those vulnerabilities.That lab included a vulnerable program that ran as a 32-bit x86 application. This lab includes that same source code with one change, however it compiles and runs as a 64-bit application.

Challenge 118
The Revenge

Stacks Image 1893
The learning objective of this lab is for students to gain the first-hand experience on format-string vulnerability by putting what they have learned about the vulnerability from class into actions. The format-string vulnerability is caused by code like printf(user input), where the contents of variable of user input is provided by users.

Challenge 119

Stacks Image 1867
This tutorial is intended to help a programmer who is new to the Unix/Linux environment to get started with using the gdb debugger. This tutorial assumes you already know how to program in C++ and you can compile and execute programs. It also assumes that you basically know what a debugger is and are motivated to use one.

Challenge 120
Shadow Trader

Stacks Image 1880
This lab provides a simple introduction to the use of the GDB utility to debug a C program.

Challenge 121

Stacks Image 1854
This lab introduces the Ghidra software reverse engineering suite You will use Ghidra to analyze a binary executable to determine some of its properties.

Challenge 122

Stacks Image 2231
GRASSMARLIN is an open-source software tool that provides a method for discovering and cataloging Supervisory Control & Data Acquisition (SCADA) and Industrial Control System (ICS) hosts on IP-based networks. GRASSMARLIN uses a variety of sources to generate this data, including PCAP files, router and switch configuration files, CAM tables, and live network packet captures.

Challenge 123
Titan Legend

Stacks Image 2244
This lab is the virtual industrial control system (ICS) described at: The three VMs described at that site have been reimplemented as Labtainers.

Challenge 124
Rugby Warrior

Stacks Image 2257
The objective of this laboratory assignment is to explore the differences that arise between the original source code and its disassembly from its binary form. You will use IDA to disassemble a sample C program names sample.c.

Challenge 125
Twilight Woods

Stacks Image 2270
This Labtainer exercise illustrates the use of iptables to limit network access to a PLC component in an operational technology (OT) environment. This control is provided by a component serving as a firewall.
Stacks Image 2782

Challenge 126

Stacks Image 2283
This lab illustrates the use of LDAP to authenticate users of Linux systems, such that multiple computers share a single repository of user and group information, including the passwords that authenticate users. This strategy allows users and administrators to manage a single set of credentials that can then be used to access multiple computers.
Stacks Image 2784

Challenge 127
Demon Agent

Stacks Image 2296
In this lab, you will explore cryptographic hash functions and message authentication codes using openssl, shasum, and a couple of home-grown scripts.

Challenge 128
Assault Operation

Stacks Image 2179
This Labtainer exercise explores the use of the metasploit tool which is installed on a Kali Linux system (attacker) and is meant to learn simple penetration skills on a purposely vulnerable metasploitable host (victim).

Challenge 129
Happy Jungle

Stacks Image 2192
A flow is defined as all packets with a common 5-tuple: ¡IP Src, IP Dst, Protocol, Src Port, Dst Port¿ This lab explores NetFlow.

Challenge 130
Bedtime Knights

Stacks Image 2205
This exercise explores basic network concepts in a Linux environment. These include the ARP protocol, the use of ping and a brief introduction to TCP/IP. The tcpdump utility is used to view network traffic.

Challenge 131

Stacks Image 2218
Learn about basic Linux bash commands.

Challenge 132
Wheelchair Rebellion

Stacks Image 2101
This Labtainer exercise explores the use of the nmap utility to discover computers and services on networks.

Challenge 133
Paintball Gold

Stacks Image 2114
You are performing ad-hoc security testing for a client who believes their internal SSH server is relatively secure, but you would like to confirm the validity of this. Your goal is to attempt to remotely access that SSH server and disclose the content of a selected file.

Challenge 134

Stacks Image 2127
The learning objective of this lab is for students to get familiar with one-way hash functions and Message Authentication Code (MAC).

Challenge 135
Kung-fu Slam

Stacks Image 2140
This exercise provides hands-on experience with the OSSEC host-based intrusion detection system (IDS). This IDS is commonly used and serves as the core of commercial IDS products. Like most IDS products, it applies a set of rules to identify attacks on computers. And as with many host-based IDS systems, OSSEC relies to a large extent on logs messages captured by the underlying operating system.
Stacks Image 2786

Challenge 136
Fighter Takedown

Stacks Image 2153
This exercise assumes the student has some basic C language programming experience and is familiar with simple data structures. No coding is required in this lab, but it will help if the student can understand a simple C program.

Challenge 137
Soviet Weight

Stacks Image 2166
The pcap (packet capture) format is a standard and portable representation of packet-level network traffic. You are likely already familiar with pcap both Wireshark and tcpdump store and read data in pcap format. This introductory lab is designed to familiarize students with pcaps and traffic analysis using Wireshark.

Challenge 138
Irish Disco

Stacks Image 2088
This lab explores the Message Passing Interface (MPI) standard, used widely in High-Performance Computing (HPC). This lab will use the MPICH implementation of MPI
to run a variety of parallel programs on a single machine.

Challenge 139
Battle and Space

Stacks Image 2582
The goal of this lab is to familiarize students with password files and some elementary password cracking schemes.

Challenge 140
Sacred Hero

Stacks Image 2595
Learn about PCAP Library Programming.

Challenge 141
Galaxy and Source

Stacks Image 2608
This lab introduces the analysis of PCAP files using the Tshark tool. You will analyze an existing PCAP file, looking for a specific invalid login attempt.

Challenge 142
Red Nightmare

Stacks Image 2621
This lab explores a few security issues related to theuse of Programmable Logic Controllers (PLCs) in the management ofIndustrial Control Systems (ICS), or similar forms of infrastructure.

Challenge 143
Alcoholic Unicorn

Stacks Image 2634
This lab explores security issues related to the use of Programmable Logic Controllers (PLCs) in the management of Industrial Control Systems (ICS), or similar forms of infrastructure.

Challenge 144
Fabulous Shadow

Stacks Image 2647
Analysis of packet captures from a network monitor in an industrial control system (ICS) is an important step towards understanding what has transpired on the control network.

Challenge 145

Stacks Image 2660
GRASSMARLIN is an open-source software tool that provides a method for discovering and cataloging Supervisory Control & Data Acquisition (SCADA) and Industrial Control System (ICS) hosts on IP-based networks.
Stacks Image 2788

Challenge 146

Stacks Image 2673
This exercise introduces the printf function and encourages the student to explore the manner in which the function references memory addresses in response to its given format specification. This lab provides an introduction to techniques that are used in the more advanced printf labs (formatstring and format64).

Challenge 147

Stacks Image 2686
The goal of this lab is to familiarize the student with public key certificates and the use of SSL/TLS.

Challenge 148

Stacks Image 2699
This lab explores two fundamental quantum algorithms: teleportation; and Grover's algorithm. Teleportation uses entanglement to transport a quantum state from one location to another, reproducing it at the destination and destroying the original, in accordance with the no-cloning theorem. Grover's algorithm searches an unordered list quadratically faster than a classical computer.

Challenge 149

Stacks Image 2439
In this lab you will configure a Radius server to handle authentication services for a network device that is already configured to use Radius-based authentication. The Radius server is pre-configured to support an existing network device. You are simply required to add the second device. In this lab, the Radius protocol is configured to use a shared secret known to the Radius server, and the devices that authenticate via that server. The shared secret for both devices is the same.

Challenge 150
Basketball Camp

Stacks Image 2452
The learning objective of this lab is for students to gain first-hand experience with a variant of the bufferoverflow attack; this attack can bypass a protection scheme currently implemented in major Linux operating systems. A common way to exploit a buffer-overflow vulnerability is to overflow the buffer with malicious shellcode, and then cause the vulnerable program to jump to the shellcode that is stored in the stack.

Challenge 151
Demon Project

Stacks Image 2465
This exercise explores basic network routing concepts in a Linux environment. These include use of the route command to modify Linux routing tables, defining a DNS server in the /etc/resolv.conf file, and an example of using Linux iptables to implement Network Address Translation (NAT).
Stacks Image 2790

Challenge 152
Super Farm

Stacks Image 2478
The learning objective of this lab is for students to understand how environment variables affect program and system behavior. Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer.

Challenge 153

Stacks Image 2491
This exercise introduces the use of the snort system to provide intrusion detection within a Linux environment. Students will configure simple snort rules and experiment with a network intrusion detection system, (IDS).
Stacks Image 2792

Challenge 154
Fantasy in Space

Stacks Image 2504
This exercise explores the use of the Modbus protocol and a PLC to control a simple device. It is assumed the student has had an introduction to PLC’s, ladder logic and the Modbus protocol. It is also assumed the student has some experience with Wireshark.
Stacks Image 2794

Challenge 155
Demonic Graveyard

Stacks Image 2517
SQL injection is a code injection technique that exploits the vulnerabilities in the interface between web applications and database servers. The vulnerability is present when user’s inputs are not correctly checked within the web applications before being sent to the back-end database servers.

Challenge 156

Stacks Image 2530
This lab illustrates the use of an SSH agent to manage private keys used to authenticate to SSH services on Linux computers. The goal is to allow a user to use SSH to securely authenticate from the client to a local server, and then from the local server to a remote server, without providing either a password or a passphrase, (after initial setup and initialization of an SSH Agent).
Stacks Image 2796

Challenge 157
Mountain Climber

Stacks Image 2543
The scenario of the lab is that an attacker has done appropriate reconnaissance to find out the IP addresses, host names and at least one userid on each host, on a path from base to hostd. You might think the the attacker could set up a direct ssh connection to hostd but the gateways along the way, except for gw4 don’t know about hostd’s network and hence wouldn’t be able to route the packets. Hence the need for the tunnel.
Stacks Image 2798

Challenge 158

Stacks Image 2556
This Labtainer explores the use of SSH from a client computer to connect securely to a server using public and private key pairs. In this example, mere possession of the private key is sufficient to access the remote host. In general, password-protected private keys are more secure.

Challenge 159
Special Invasion

Stacks Image 2569
This lab requires that you use SSL certificates to authenticate devices on a simulated industrial control system network shared by Programmable Logic Controlers (PLCs) and Human Machine Inteface (HMI) devices. The concepts covered by this lab are applicable to pairs of clients and servers, e.g., a web broswer and a web server.

Challenge 160

Stacks Image 2400
Exploring Symmetric Key Encryption Modes

Challenge 161
Divide of Liberty

Stacks Image 2413
The objective of this exercise is to give the student some hands-on experience with syslog
configuration and testing.

Challenge 162
Rush and Murder

Stacks Image 2426
The learning objective of this lab is for students to gain first-hand experience on some TCP/IP vulnerabilities, as well as on attacks against these vulnerabilities.

Challenge 163

Stacks Image 2348
This labtainer exercise illustrates the use of a telnet client to access resources on a server. It is a simple lab intended to illustrate basic client server networking and the transmission of plaintext passwords over a network by telnet.

Challenge 164

Stacks Image 2361
This exercise introduces management of users and groups on a Unix system. The lab includes the following objectives:
 Add users to a shared system.
 Define a group on the system, and assign users to that group.
 Observe how user and group IDs can affect access to files.
 Observe a limitation of discretionary access controls.
 Grant a user sudo or superuser privileges.

Challenge 165
Angel Alert

Stacks Image 2374
This Labtainer exercise illustrates a simple host-to-host vpn implemented with openvpn, and a static shared key. The example network includes a client and a server with a router between them. The server offers a simple HTTP service, and the student will use wget on the client to retrieve html files from the server.

Challenge 166
Sacred Tales

Stacks Image 2387
Behavioral targeting is a type of online advertising where ads are displayed based on the users web-browsing behavior. The user leaves a trail of digital foot prints moving from one website to the other. Behavioral targeting anonymously monitors and tracks the sites visited by a user. When a user surfs internet, the pages they visit, the searches they make, location of the user browsing from, device used for browsing and many other inputs are used by the tracking sites to collect data.

Challenge 167
Alien Emergency

Stacks Image 2335
The objective of this lab is to help students understand the Cross-Site Request Forgery (CSRF or XSRF) attack. A CSRF attack involves a victim user, a trusted site, and a malicious site. The victim user holds an active session with a trusted site while visiting a malicious site. The malicious site injects an HTTP request for the trusted site into the victim user session, causing damages.
Stacks Image 2800

Challenge 168
Yeti Overdrive

Stacks Image 2322
Cross-site scripting (XSS) is a type of vulnerability commonly found in web applications. This vulnerability makes it possible for attackers to inject malicious code (e.g. JavaScript programs) into victim’s web browser. Using this malicious code, the attackers can steal the victim’s credentials, such as session cookies. The access control policies (i.e., the same origin policy) employed by browsers to protect those credentials can be bypassed by exploiting the XSS vulnerability. Vulnerabilities of this kind can potentially lead to largescale attacks.
Stacks Image 2802

Challenge 169

Stacks Image 2309
Hack this Wordpress website. Login and deface the website. Use Firefox to launch the labs.

Challenge 170
Fury Alliance

Stacks Image 2751
Launch ReactOS and compromise the operating system.

Challenge 171

Stacks Image 2764
Write PHP script to extract php.ini settings on the server.

Challenge 172
Dracula's Jetski

Stacks Image 2738
Hack Juggybank website.

Challenge 173

Stacks Image 2725
Hack ZombieCop website.

Challenge 174
Motorcycle Blaster

Stacks Image 2712
Run virtualized applications and tools inside Winston emulator.

Challenge 175
Jumpa Jupitar

Stacks Image 2819
Note: The labs was developed for the Labtainer framework by the Naval Postgraduate School, Center for Cybersecurity and Cyber Operations under National Science Foundation Award No. 1438893.
Copyright 2022 Rocheston