A training platform for beginners with hints inside the tasks

hackbase

Bootcamp

Вы можете искать уязвимости в системах и получать за них баллы. Они начисляются за каждую систему отдельно, и сдать уязвимость каждого типа в одной системе можно только один раз.

The cyberrange is a virtual infrastructure with realistic replicas of systems and software from various industries, where cybersecurity specialists can train 24/7.


The entire infrastructure is designed around the lore of a virtual state. The state exists within an isolated network, inaccessible from the outside, and comprises various sectors for which industry-specific services with vulnerabilities are re-created. You can explore them by completing tasks of varying difficulty levels.


Right now, you're looking at the page of the online cyberrange for beginners, which is a less challenging training ground compared to the main Standoff cyberrange for professionals. The unique feature of this part of the cyberrange infrastructure is that task cards provide hints. Even though the name suggests that it's for beginners, to tackle the tasks, you'll still need to have a basic understanding of vulnerability discovery and exploitation as well as a good grasp of network technologies.


## Connecting to the cyberrange
To connect to the cyberrange and start training, go to <b>My reports</b> → <b>Access and resources</b> and download an OpenVPN config file.


## Choosing tasks
Available tasks are listed under <b>Critical events</b>:
• If you want to sharpen your web tech skills, opt for tasks with the [web] prefix.
• If you're more interested in infrastructure, try solving tasks with the [infra] prefix.


Once you're ready, dive into the mission: scan the network, find available services, explore them, and try to obtain access.


## Gaining access to services
There are different ways to access services. For example, you can do one of the following things:
• Directly exploit a vulnerability in a service on the external perimeter to access the company's internal network.
• Obtain access to the VPN config file pertaining to the internal network.
• Find employees' email addresses and send them phishing emails with a malicious payload. Once the victims trigger the payload execution, they'll unwittingly grant you access to their workstations.


## Getting support
If you encounter technical difficulties or have any questions about the cyberrange, write to our <a href="https://t.me/red_team_support_bot">Telegram bot</a>. You can also reach out for help in our <a href="https://t.me/standoff_365_chat">community chat</a>.  

## Useful information
You can check out our <a href="https://help.standoff365.com/en-US/6249124235/portal">Help Center</a> for answers to frequently asked questions. 


## Scope
Outer perimeter: 10.124.1.224/27


<h5>This cyberrange segment is unavailable every Monday from 03:00 to 09:00 UTC+3.</h5>

Complete tasks in seasonal competitions and climb to the top of the leaderboard!

Results