Source_Node_01

Regulatory Compliance & Secure System Architecture (NIST/ISO 27001)

Objective: To architect a secure, compliant SaaS environment aligned with ISO 27001 and …
Compliance NIST ISO 27001 Secure Architecture
Source_Node_01

Web-to-System Pivot via Command Injection

Objective: To exploit a Command Injection vulnerability in a web application to bypass …
Command Injection Web Security Privilege Escalation
Source_Node_01

Post-Exploitation & Sensitive Data Exfiltration

Objective: To leverage administrative access to extract the system’s “Shadow” file, …
Post-Exploitation Lateral Movement Linux Exfiltration
Source_Node_01

Fowsniff — Credential Harvesting & Password Cracking

Objective: To exfiltrate and crack leaked credentials from unencrypted data sources to …
Password Cracking Credential Harvesting Information Disclosure John the Ripper
Source_Node_01

Mr. Robot — Web Exploitation & System Compromise

Objective: To demonstrate a full-stack compromise, from website reconnaissance and …
WordPress Security CTF Privilege Escalation Reconnaissance
Source_Node_01

Kenobi — Exploiting NFS Misconfigurations & Privilege Escalation

Objective: To demonstrate the use of insecure service configurations and SUID binaries to …
Linux Security Privilege Escalation NFS ProFTPd
Source_Node_01

Blue: EternalBlue Exploitation & Privilege Escalation

Objective: To identify and exploit the MS17-010 (EternalBlue) vulnerability on a legacy …
Windows Security RCE Privilege Escalation MS17-010
Source_Node_01

Exploiting Infrastructure Vulnerabilities (Backdoor Access)

Objective: To execute a remote command execution (RCE) exploit against a backdoored FTP …
Metasploit Exploitation CVE Vulnerability
Source_Node_01

Service Enumeration & Vulnerability Research

Objective: To perform deep-packet inspection and service fingerprinting on a target host …
Nmap Reconnaissance Enumeration Services
Source_Node_01

Network Traffic Analysis & Incident Response (Wazuh & PCAP)

Objective: To perform a technical post-mortem analysis of a network intrusion attempt …
Blue Teaming Incident Response Log Analysis Wazuh