Vulnlab is a private lab environment for Patreon subscribers with various vulnerable machines. The lab is integrated into the vulndev discord server and includes machines that cover: Active Directory, Windows Internals, Phishing & Recent Vulnerabilities. It’s mostly focused on custom exploitation but also has some CVE machines for particulary interesting ones. All lab machines are shared at this point (this might change in the future).
Hall Of Fame
State: 18.01.2023
1 756 macz
2 695 szymex73
3 407 r0BIT
4 340 ToBeatElite
5 327 jkr
6 262 P0
7 232 kozmer
8 230 Wh04m1
9 180 pain
10 121 xlth
11 120 snowscan
12 110 drb
13 100 S1nB4d
14 57 xct
15 40 Jester
16 30 poppe
17 30 theGuildHall
18 12 valent1ne
19 10 trustie_rity
Machines
These are single machines where you gain a foothold, grab a user flag & then escalate privileges.
- Job (Windows)
- Baby (Windows)
- Feedback (Linux)
- Rainbow (Windows)
- Rainbow2 (Windows)
- Data (Linux)
- Unchained (Linux)
- Breach (Windows)
- Zero (Linux)
- Bruno (Windows)
Chains
Chains consist of 2-3 machines that are meant to be exploited together. This is usually Active Directory.
- Lustrous (Windows)
- Trusted (Windows)
Labs
Labs are big environments to practice pentesting / red-teaming (as in exploit the lab with minimal detections).
- Shinra (~15 Machines, Windows & Linux, AV/EDR, Applocker, WDAC, MSSQL, ADCS, multiple Domains/Forests)