Hacking-Lab™ Infrastructure

Online Service

Hacking-Lab is an online service. No need to install hardware on premise!

Portal Page

The portal page is the place where users sign in, get instructions, and submit their solutions.

Vulnerable Servers

In a dedicated network, reachable with VPN, a large number of vulnerable servers is waiting to become exploited. We are using VM and docker technologies.

Attack-Defense System

Network

The Attack-Defense system consists of many different machines and services, including a Jenkins Build server, scoring server, and several git repositories. Code changes committed by a team automatically trigger a build and deployment process.

Vulnerable Apps

Each team owns a set of vulnerable applications. Every application is deployed twice: on a development and a production system.

Tasks

Teams have to perform several tasks simultaneously:

• ATTACK – attack the other team’s applications

• DEFENSE – protect own applications secure

• CODE-PATCHING – find and patch vulnerabilities

• AVAILABILITY – keep applications up and running

• JEOPARDY – solve hacking challenges

• ACHIEVEMENT – build up or install an application

• POWNED – own servers (0-day exploits)