Hacking-Lab is an online service. No need to install hardware on premise!
The portal page is the place where users sign in, get instructions, and submit their solutions.
In a dedicated network, reachable with VPN, a large number of vulnerable servers is waiting to become exploited. We are using VM and docker technologies.
The Attack-Defense system consists of many different machines and services, including a Jenkins Build server, scoring server, and several git repositories. Code changes committed by a team automatically trigger a build and deployment process.
Each team owns a set of vulnerable applications. Every application is deployed twice: on a development and a production system.
Teams have to perform several tasks simultaneously:
• ATTACK – attack the other team’s applications
• DEFENSE – protect own applications secure
• CODE-PATCHING – find and patch vulnerabilities
• AVAILABILITY – keep applications up and running
• JEOPARDY – solve hacking challenges
• ACHIEVEMENT – build up or install an application
• POWNED – own servers (0-day exploits)