There are currently 25+ vulnerable standalone machines from multiple authors (xct, jkr, r0bit). The difficulty ranges from beginner to advanced level and there are both Windows & Linux machines. Common topics are misconfigurations, issues in Custom Software and Active Directory based vulnerabilities. If you happen to find a CVE it’s likely not directly exploitable and instead requires effort to make it work.

To interact with the lab, you can start & stop Machines via the discord bot and will get a individual instance that you can acess via VPN. This means that you have the machines completely for yourself and no one will interfer with them.

Once you find flags, you can submit them to the bot and will get points for the machines that place you on the leaderboard.

Check out the overview for a complete list.