Lab Rules & Ethics
✔ This lab is for educational purposes only.
✔ Do NOT attempt these techniques on real systems without permission.
✔ All exercises are simulations designed to teach defensive awareness.
✔ Ethical hackers protect systems — they do not abuse them.
Lab 1: Network Reconnaissance
Objective: Learn how attackers discover systems and services on a network.
Scenario
You are authorized to assess a small internal network belonging to a fictional company.
Your task is to identify active hosts and exposed services.
Simulation
$ nmap 192.168.1.0/24
Starting Nmap Scan...
Host: 192.168.1.10 | Ports: 22 (SSH), 80 (HTTP)
Host: 192.168.1.15 | Ports: 21 (FTP)
Host: 192.168.1.20 | Ports: 3389 (RDP)
Scan Complete
Exercise
- Identify which services could be high risk if misconfigured.
- Explain why exposing RDP to a network is dangerous.
- Which system should be audited first?
CTF Challenge:
Which host is running an outdated file transfer service?
Flag format: CTF{IP_ADDRESS}
Lab 2: Web Application Security
Objective: Understand how insecure input handling leads to data breaches.
Scenario
A login form is suspected of improper input validation.
You are testing it in a controlled lab environment.
Simulation
Username: admin
Password: ' OR '1'='1
Login Successful
Exercise
- Explain why the authentication bypass occurred.
- Describe how parameterized queries prevent this issue.
- What logs should defenders monitor?
CTF Challenge:
What vulnerability category does this represent?
Flag format: CTF{VULNERABILITY_NAME}
Lab 3: Password Security
Objective: Learn why weak password practices fail.
Simulation
Hash: 5f4dcc3b5aa765d61d8327deb882cf99
Attempting dictionary attack...
Match found: password
Exercise
- Why are unsalted hashes insecure?
- What hashing algorithms are considered secure today?
- Explain the role of password managers.
CTF Challenge:
Identify the cracked password.
Flag format: CTF{PASSWORD}
Lab 4: Social Engineering Simulation
Objective: Recognize manipulation techniques used against employees.
Scenario
An employee receives the following email:
From: IT Support
Subject: Urgent Password Reset
Your account has been compromised.
Click here to reset your password immediately.
Exercise
- List red flags in the message.
- What verification steps should be taken?
- How can organizations reduce phishing success?
CTF Challenge:
What attack type is this?
Flag format: CTF{ATTACK_TYPE}
Final CTF: Incident Response
Objective: Think like a defender after compromise.
Scenario
Logs show repeated failed SSH logins followed by success.
Failed password for root from 203.0.113.50
Failed password for root from 203.0.113.50
Accepted password for root from 203.0.113.50
Exercise
- What attack likely occurred?
- What immediate steps should be taken?
- How could this have been prevented?
Final Flag:
CTF{DEFENSE_OVER_OFFENSE}