Boost Your cybersec skills

Become a security engineer with our labs

Each lab requires you to complete hands-on tasks

Take a course that guides you through the core concepts of security

Use our labs to upskill yourself or conduct interviews

Defbox – For Those Who Want to Advance as Cybersecurity Professionals

Students

Get real skills beyond theory. Learn practical skills you can use in real jobs. Our labs use real tools and scenarios to help you succeed in securing a job in the cybersecurity field.

Engineers

Keep growing your skills and get challenges. Stay up-to-date with the latest technologies and threats. Feel free to share your ideas for new labs.

Professors and Managers

Customize learning for your needs. For Professors: Get access to our instructor tools and create labs tailored to your course. For Managers: We help conduct technical interviews, onboarding, and internal assessments. Contact us through the form below to collaborate.

Do you represent a company or university? Leave us your email and we will get back to you with our options for SOCs and universities.

Each lab includes a set of virtual machines and specific scenarios. Depending on the scenario, your mission is to either protect or attack the system.

You have full control over how you interact with the system. Use SSH and other tools to secure the system from attacks. Hack into the system to find and exploit vulnerabilities.

We add new labs on a regular basis

Here are some of our labs:

Vulnerable SSH

An SSH setup with password-based authentication. Common SSH passwords will be brute-forced in a matter of hours if exposed. Learn how to detect and mitigate this basic misconfiguration.

Spring4shell

Learn how to detect the Spring4Shell vulnerability in the logs and how to mitigate it.

Giggle Vault Bank

This lab showcases lateral movement and web vulnerabilities that can lead to data exfiltration. An online bank built with Nginx, a Django web server and PostgreSQL. Users can create and pay invoices using this service.

DVWA

Damn Vulnerable Web Application. This lab contains multiple vulnerabilities, which Defbox exploits. The OWASP Top 10 is covered here.

Postgres with default creds

A PostgreSQL database accessible from the internet with default creds. Such a setup will be exploited within a few hours in the wild. Learn how to escape the database and detect such attacks.

DNS C2 Tunnel

Learn how malware hides itself using normal activity. Learn how to detect malware that is using DNS to communicate. There is an infected machine in the lab. Discover how the lab is communicating with the C2 server. Made by Gleb.

We design labs to simulate real cyber incidents, balancing engagement and hands-on practice to help you gain practical cybersecurity skills.

Notes service

This lab showcases how unsafe Python code can be used to gain root access. A Flask application to securely save and retrieve notes. One of its endpoints can be an entry point for an RCE, which will be used to establish a reverse shell. Find the vulnerable endpoint and create detection rules to mitigate that threat.

CVE-2024-3094 - SSH RCE

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. The exploit uses sshd to achieve RCE on the system.

Open RSync

An rsync server that has no authentication. An attacker will use that to achieve persistence; detect it.

RedisWithoutAuth (Beta)

A Redis database with anonymous access enabled. We don't store any data there, but exploitation is still possible. Write a rule to detect it when everything goes wrong. "Beta" means that the attack could be hard (nearly impossible) to detect. We will appreciate any feedback in the Telegram/Discord groups.

Our labs are useful for teaching practical cyber defense skills.
What's inside the lab?

VMs
Tasks
SSH
SIEM
Materials

Virtual Machines. Only yours.

Each lab includes a set of virtual machines, such as target servers, SIEM, or attackers. VMs are deployed individually for each user.

Free

Polygons: 5

SSH access to the polygon

Teacher's personal page

Custom polygons and scenarios

Connecting polygons to your SIEM

Prioritization of tasks in our roadmap

Supporters

Polygons: All

SSH access to the polygon

Teacher's personal page

Custom polygons and scenarios

Connecting polygons to your SIEM

Prioritization of tasks in our roadmap

Enterprise/Universities

Polygons: All

SSH access to the polygon

Teacher's personal page

Custom polygons and scenarios

Connecting polygons to your SIEM

Prioritization of tasks in our roadmap

Defbox – enhance cybersec skills