Explore Hacktivities
Discover and join cybersecurity labs, challenges, and training exercises
Featured Labs
View All Featured
PowerShell for Digital Forensics
Discover how to leverage native Windows capabilities for effective digital forensics and incident response. This hands-o...
WannaCry Ransomware Investigation
Analyze a real-world ransomware incident by examining volatile memory artifacts from an infected system. In this investi...
Windows Memory Forensics
Investigate compromised Windows systems by analyzing volatile memory dumps to recover evidence that disappears when syst...
Email Security Fundamentals
Explore the essential techniques for recognizing fraudulent emails in this foundational exercise. You'll examine email h...
All Labs
PowerShell for Digital Forensics
Discover how to leverage native Windows capabilities for effective digital forensics and incident response. This hands-on lab introduces you to powerful scripting techniques for collecting system artifacts, analyzing user activity, and extracting critical evidence from Windows environments. You'll b...
WannaCry Ransomware Investigation
Analyze a real-world ransomware incident by examining volatile memory artifacts from an infected system. In this investigation, you'll uncover malicious processes, trace encryption activity, identify persistence mechanisms, and reconstruct the complete attack timeline. Through hands-on RAM analysis,...
Windows Memory Forensics
Investigate compromised Windows systems by analyzing volatile memory dumps to recover evidence that disappears when systems power down. This hands-on lab teaches you to extract running processes, active network connections, credential information, and command history from RAM snapshots. You'll uncov...
Email Security Fundamentals
Explore the essential techniques for recognizing fraudulent emails in this foundational exercise. You'll examine email headers, understand authentication protocols like SPF, DKIM, and DMARC, and learn how attackers craft deceptive messages. By analyzing a real-world example, you'll develop practical...
SSH Authentication Threat Hunting
Dive into security operations by investigating SSH authentication activity within a corporate network environment. This lab guides you through analyzing authentication logs to uncover failed login patterns, identify brute-force attempts, detect reconnaissance behavior, and correlate indicators of po...
HTTP Traffic Threat Hunting
Analyzing web server traffic to identify potential threats and suspicious activities. Through this investigation, you'll master the art of querying enterprise log data, detecting attack patterns through user behavior analysis, identifying server misconfigurations, and uncovering indicators of data e...
Hidden Malware Memory Hunt
Investigate a compromised workstation by analyzing its volatile memory to uncover what traditional forensics might miss. This hands-on tutorial guides you through analyzing volatile memory to uncover hidden malicious processes, extract suspicious artifacts, and decode obfuscated data that adversarie...
Memory Forensics Investigation
Step into the role of a digital investigator tasked with recovering vital information from a compromised system's volatile memory. This hands-on tutorial teaches you how to identify system profiles, enumerate running processes, and extract hidden artifacts including encrypted databases, browser acti...
Network Forensics & Evidence Recovery
A digital forensics analyst responding to a potential insider threat incident. This hands-on investigation teaches you how to examine captured network communications to uncover what a suspicious user accessed, downloaded, and attempted to hide.
Multi-Source Attack Investigation
Step into the role of a security consultant investigating a real-world data breach scenario. This tutorial challenges you to correlate evidence across network traffic captures, authentication records, intrusion detection alerts, and system logs to build a complete attack timeline.
APT Threat Detection & SIEM Analysis
Act as security analyst investigating a multi-stage cyber attack on a Windows workstation. This hands-on tutorial guides you through analyzing 31 distinct malicious activities—from initial compromise to persistence establishment—teaching you how to write effective detection queries, correlate attack...
Zeus Banking Trojan - Memory Forensics with Volatility
Learn the art of memory forensics by investigating a real Zeus banking trojan infection. This comprehensive investigation teaches you to analyze memory dumps, detect process injection, trace network connections, and uncover sophisticated evasion techniques. You'll develop critical skills in malware...
Web-to-Root Linux Lab: Exploiting a GLPI Intranet Misconfiguration
Dive into a step-by-step penetration testing guide for the vulnerable VM. This medium-difficulty walkthrough simulates a real-world assessment, from initial reconnaissance to full root access. Learn how to identify default credentials, bypass file upload restrictions, exploit web shells, crack passw...
Active Directory Attack Lab
This hands-on lab walks you through the full lifecycle of an Active Directory breach—starting from initial network reconnaissance and LLMNR poisoning, to password cracking, enumeration of domain trusts, privilege escalation via group membership abuse, and ultimately gaining Domain Admin access.
Web API Attack Lab: OWASP crAPI
This hands-on lab is crafted to teach you how to identify a serious vulnerability known as BOLA (Broken Object-Level Authorization) using a realistic, intentionally vulnerable API environment called crAPI. You’ll simulate the role of a penetration tester investigating how weak access controls can al...
Apache Web Server Exploitation Lab
Learn to exploit Apache HTTP Server (CVE-2021-42013) with real-world techniques. In this lab, you'll perform path traversal attacks, access system files, and trigger remote code execution through vulnerable CGI endpoints. From basic enumeration to remote code execution — hands-on and practical.
Network Investigation - Walkthrough
You are a cybersecurity analyst working for a company that hosts customer web applications using KVM-based virtual machines. Over the weekend, one of the production VMs unexpectedly went offline. The web application team suspects this outage was caused by malicious activity. As part of the incident...
Network Investigation - CTF
You are a cybersecurity analyst working for a company that hosts customer web applications using KVM-based virtual machines. Over the weekend, one of the production VMs unexpectedly went offline. The web application team suspects this outage was caused by malicious activity. As part of the incident...
Active Directory Attack Lab: Recon-to-Root
This step-by-step lab walks you through real-world AD attack techniques—starting with port scans and ending in full domain compromise using tools like nmap, kerbrute, evil-winrm, and BloodHound. Perfect for aspiring red teamers and security learners.
The Forgotten Gateway - PenTest Walkthrough
A beginner-friendly but realistic PenTest walkthrough that tests your ability to chain multiple misconfigurations into a full root compromise.
Elastic Stack Lab
Test your Blue Team analysis skills by uncovering the details of a stealthy network intrusion using the Elastic Stack. Demonstrate your expertise in threat detection, log analysis, and incident response
SNMP Exploitation Lab: Scan, Attack, and Capture the Flag
Learn how network attacks happen — from finding open ports to running exploit and taking control.
Basic Pentesting 1 – From Recon to Root
A beginner-friendly lab focused on real-world pentesting. Discover services, exploit a WordPress site, gain a foothold, and escalate to root. Perfect for CTF newcomers.
Exploit Erlang/OTP SSH — Unauthenticated RCE to Reverse Shell
Explore a critical vulnerability (CVE-2025-32433) in the Erlang/OTP SSH daemon that allows unauthenticated remote code execution