Offensive Labs

Hands-on attack scenarios.
Grounded in real TTPs.

Structured offensive scenarios covering web exploitation, auth bypasses, cloud privilege escalation, and AI adversarial techniques — each mapped to documented attacker behavior and paired with detection engineering guidance.

Total Scenarios

Auth

2 scenarios

OAuth misconfigurations, JWT forgery, Kerberoasting, and session fixation attacks with full detection coverage.

AuthMedium

GraphQL Abuse

+0 XP · ~0 minAvailable

AuthMedium

JWT Exploit Chain

+0 XP · ~0 minAvailable

Cloud

1 scenario

AWS IAM escalation, Azure privilege abuse, and Kubernetes escape scenarios drawn from cloud-native incident reports.

CloudHard

SSRF to Metadata

+0 XP · ~0 minAvailable

Hands-on attack scenarios.Grounded in real TTPs.

Auth

GraphQL Abuse

JWT Exploit Chain

Cloud

SSRF to Metadata

Hands-on attack scenarios.
Grounded in real TTPs.