Red Team Playground

Targets

Web Server (web1)

Vulnerable

http://web1.demo.local

LFI, SQLi, Weak Auth

Internal API

Misconfigured

http://api.internal.local

Token Leakage, Insecure JWT

FTP Server

Exposed

ftp://ftp.demo.local:21

Anonymous Login, Weak ACLs

Attack Scenarios

Web-to-API Pivot

Use SSRF to pivot from web server to internal API

Difficulty: Medium

FTP to Root

FTP credential theft leading to shell access and priv esc

Difficulty: Hard

Attack Console

root@kali> █

Exercise Progress

Completion 25%

Scenarios 0/2

Flags Captured 0/3

Capture the Flag

/flag1.txt

Basic web server vulnerability

Not Found

/flag2.txt

Internal network access

Not Found

/root/flag3.txt

Privilege escalation

Not Found

Security Disclaimer

This is a controlled environment for educational purposes only. Any techniques demonstrated should only be used in ethical security testing with proper authorization. Unauthorized access to computer systems is illegal.

Made with DeepSite - 🧬 Remix

Targets

Web Server (web1)

Internal API

FTP Server

Attack Scenarios

Web-to-API Pivot

FTP to Root

Attack Console

Exercise Progress

Capture the Flag

/flag1.txt

/flag2.txt

/root/flag3.txt

Security Disclaimer

Connect to Environment