Red Team Labs

Red Team Labs are large environments with 10 or more machines, multiple subnets, and multiple domains and forests. They are meant for Penetration Testers & Red Teamers to practice operations. There are modern defenses to bypass, and various AV & EDR products are running.

These labs can be started on demand and are shared between lab members. Completing a Red Team Lab awards a badge.


Wutai (Medium)

  • Active Directory with 4 Domains & Forests

  • Gaining Foothold via Credential Phishing & Spraying

  • Various AV Solutions (no EDR)

  • Reversing & Custom Backdoors

  • PKI Attacks, ESXi

  • Video Walkthrough

Ifrit (Easy)

  • Active Directory with 3 Domains & Forests

  • Assumed Breach Scenario, derived from Real Engagements

  • Weak AV but strong Detection/SOC

  • ADCS, Common Enterprise Software

  • Relaying Attacks

  • Upcoming Video Walkthroughs

Shinra (Hard)

  • Active Directory with 3 Domains & Forests

  • EDR, WDAC, AppLocker, PowerShell Constrained Language Mode

  • Delegation & Relay Attacks

  • ADCS & MSSQL

  • Ansible, NPM

  • Video Walkthrough

Shiva (Insane)

  • Hybrid-AD Environment

  • Azure cloud services

  • EDR, WDAC & other security controls

  • Common enterprise software

  • Private Video Walkthroughs available over time
