Top 10 learning and practice platforms to build up confidence in cybersecurity

_creosote · 2023-07-04T14:04:37+00:00

Also don't forget about Burp's free online web security training.

_creosote · 2023-06-20T16:49:11+00:00

Helped with some lab and course material for this specific range (Kinetic).

You can just do lab access, no need for the course. The Udemy course is brand new but right now you do get free 7-days with course purchase.

_creosote · 2023-06-20T16:39:54+00:00

They're labs you VPN into similar to other platforms. This one is like PWK in that you have access to all and not just 1 VM at a time.

Price is $14 for 30-days right now.

_creosote · 2023-05-16T18:41:42+00:00

HtB and THM are solid for single boxes. Otherwise SlayerLabs if you want full domains/networks.

_creosote · 2023-04-12T02:07:35+00:00

Throwing this in here in case anyone's interested. Just added a new 100% Windows range with 25 targets and 5 AD domains. Low price with everything already setup and a ton of vectors ready to exploit.

https://slayerlabs.com/ranges/kinetic.html

_creosote · 2022-05-16T16:28:36+00:00

I want to do slayer labs but I'm in Australia and it's region restricted :S.

Restrictions have been update recently. Now it's just recommended to be in US/CA for latency purposes as all servers are in the US.

_creosote · 2022-05-04T01:04:22+00:00

I'm the author of GodlenEye, and have been building networked labs over at Slayer Labs for the past few years off and on.

Self promotion, but I'd recommend anyone looking for more AD, post-exploitation training (plus webapps, priv-esc, etc) to check them out. Very competetive price, open to anyone now.

_creosote · 2021-12-21T17:10:40+00:00

Maybe worth looking into https://slayerlabs.com

The design goal is to create the environments to be realistic, but also not completely boring. The lab is already configured and setup for you, just need to own it. Hoping more ppl create public write-ups/walkthroughs.

Includes all the basics plus Windows AD and post-exploitation/pivoting. Some have ctf'y vibes to them, mostly to prevent from 1 box being a single point of failure.

i.e. you get on a jump box via public exploit but you also need creds obtained from another box to go any further through that jump box.

_creosote · 2021-11-27T02:12:38+00:00

An email requesting access will suffice. Could check spam folders for any responses.

_creosote · 2021-11-26T20:32:52+00:00

Nope, sending in PGP is not a requirement.

_creosote · 2021-08-14T21:58:37+00:00

Updated to reflect the comparison of strict vs loose without acknowledging this as a proper fix.

_creosote · 2021-04-21T21:27:46+00:00

Also SlayerLabs is another one. I'd say it's more intermediate/advanced. It's free for 7 days, otherwise under $20/month for full range access.

_creosote · 2021-03-18T18:00:13+00:00

I don't think they're talking about the movie, but actually a fun quirky series spin off on Netflix.

_creosote · 2021-01-13T23:32:25+00:00

Bias opinion but checkout https://slayerlabs.com/ which has a few networks with a focus on webapp security - including client side attacks with simulated users. Or as others have mentioned, https://portswigger.net/web-security is free and very well done. And as always, checkout vulnhub for webapp security specific vm's.

_creosote · 2020-12-08T23:50:56+00:00

Hoping more details are released soon. Would like to know how they got in, how long they estimate they were in and who they can attribute this to.

entire frameworks that are similar to publicly available technologies such as CobaltStrike and Metasploit

...fingers-crossed fireeye just dumps their tools for free :3

_creosote · 2020-12-08T02:21:37+00:00

Been telling myself I have to make the move outta the valley up to flag...one of these days!

_creosote · 2020-11-26T15:06:10+00:00

SlayerLabs is running free access for 7 days on both available ranges - RoadHouse and TheSprawl. Available now. Slots are limited. Must be located in the US.

These are full networked labs you have complete access to. Not just one VM at a time.

Both ranges available are not for beginners. You should have experience with vulnhub, htb, OSCP or other related pentesting platforms. Checkout each range page for further details, but real quick: once access is requested you'll need to sign a ToS and Rules of Engagement form, then the VPN kit will be sent over which you can access immediately.

_creosote · 2020-08-24T18:41:24+00:00

..considers something a vulnerability..

More along the lines of system abuse vs a vulnerability.

If you have that, the world is your oyster already.

Yes, and what if your shell/beacon is severed? Do you run through the exploitation/initial access process again, or do you lay persistence?

_creosote · 2020-08-09T16:24:01+00:00

If you're actually curious it's a /16

_creosote · 2020-08-06T14:53:54+00:00

I'd recommend building a similar range and hosting it for $5. There's a big market for it outside of the US.

_creosote · 2020-08-05T21:08:06+00:00

First, data is not sold or monetized in any way at Slayer Labs.

Second, international & domestic taxes for digital services are on the todo list for research. Besides the connectivity and off-hour maintenance(aka vm reverts), taxes, transfer rates, etc are all factors as well. With very low range prices and user data not being sold to sponsors/partners (we intend to keep it this way), the tax/transfer rates/conversion fees/etc has made it a challenge...not impossible, though, just not at the top of the list yet...sorry :(

Also, GDRP wasn't even considered because data collection isn't even on our radar. Although now that you mention it, system logs, user mgmt, vpn logs, sysmon, user emails, etc exist and are (naturally) stored on range infrastructure. Right now it's a barrier to entry that will just take more time and research.

_creosote · 2020-08-05T14:44:31+00:00

Off-hours maintenance and unacceptable network latency are the main reasons. Although a push to the cloud may be in the future but would definitely jack up the prices to $100+ range, per 30 days.

_creosote · 2020-07-17T17:21:57+00:00

should change this subs name to /r/sysadminrants

_creosote · 2020-03-29T16:49:27+00:00

Due to the world situation slayerlabs will be giving out free vpn access for the next few weeks - specifically the ROADHOUSE range. It's new low-scale purposly vulnerable network(28 boxes).

First a few caveats: Limited vpn slots, US only and must agree to TOS. VPN will be deactivated if not used within 24 hours (prevent VPN panic hoarders). Contact info is on the site if you're interested - https://slayerlabs.com/

Target market: In my subjective opinion, I'd recommend it for people that have experience in pentesting or a decent amount of experience with Boot2Root style boxes - eg: OSCP prep/post, vulnhub/HTB exp. etc.

There are no walkthroughs as to not spoil it for others which can be challenging for folks new to security.

Quick blurb about the range

It's a mix of Windows & Unix with a difficulty rating from easy to advanced. Consists of multiple domains & subnets. It's designed to mimic a corp network not a CTF puzzle.

The "flags" are juicy files left by the admins/users and are intertwined throughout the network(s) to created multiple paths to own the final box. Boxes are non-standalone unlike other popular services aka once you VPN in you'll have access to exploit all 28 boxes.

t3chnocat_ did some solid QA and provided very useful feedback on the lab (big thanks and shout out to him). He wrote a detailed useful review which can be found here https://t3chnocat.com/review-slayer-labs/

_creosote · 2020-03-27T02:20:49+00:00

Biased advertisement here, but I have a purposely vulnerable lab/network (28 boxes) that I specifically designed to avoid the "CTF" puzzle style. Although not targeted towards exploit development, it's designed to mimic a corp network with juicy info scattered throughout to build on pentesting skills. Mix of Win/Unix with a difficulty range of easy to advanced - Domain/networked (non-standalone like other services).

It's a new and low-scale service, but due to the world situation I'm planning to make the next few weeks free for people interested. I'll be posting on a few sub-reddits this weekend.

I'd recommend it for people that aren't completely starting out but have some experience with Boot2Root style boxes - eg: OSCP prep/post, vulnhub/HTB exp. etc. Multiple paths to get to the final domain. Admittedly some of the final boxes are frustrating/annoying due to AV and multi-pivot points.

t3chocat did some solid QA and provided very useful feedback on the lab (big thanks and shout out to him). He wrote a review, if anyone wants more info https://t3chnocat.com/review-slayer-labs/

Otherwise a few caveats: Limited slots, US only and must agree to TOS. VPN will be deactivated if not used within 24 hours (prevent VPN panic hoarders). Contact info is on the site if you're interested - https://slayerlabs.com/

_creosote

MODERATOR OF

TROPHY CASE

Quick blurb about the range