Pick a scenario, customize your strategy, and launch the battle
NGINX web server with a backend API. Red Team probes for injection, traversal, and misconfig. Blue Team monitors logs and hardens config.
REST + GraphQL API behind an API gateway. Red Team attempts auth bypass, rate limit abuse, and data exfiltration. Blue Team applies WAF rules.
Backend for a mobile banking app with OAuth2, push notifications, and a CDN. Red Team targets token theft, API abuse, and session hijacking.
Full-stack e-commerce platform with payment processing, inventory management, and customer data. Red Team targets payment flows and PII.
Simulated enterprise network with Active Directory, file shares, and email. Red Team attempts lateral movement. Blue Team monitors and segments.
Remote access VPN with split tunneling, MFA, and certificate-based auth. Red Team attempts credential theft and tunnel hijacking.
Authoritative DNS servers with zone transfers, DNSSEC, and recursive resolvers. Red Team targets DNS poisoning, amplification, and tunneling.
Enterprise mail infrastructure with SMTP, IMAP, spam filtering, and DLP. Red Team crafts phishing campaigns and attempts mail relay abuse.
AWS-style cloud environment with S3 buckets, EC2 instances, and IAM roles. Red Team hunts for misconfigurations. Blue Team enforces least privilege.
Kubernetes cluster with multiple microservices. Red Team escapes containers and pivots. Blue Team enforces network policies and RBAC.
Continuous integration pipeline with source control, build agents, and artifact registries. Red Team targets supply chain and secret leakage.
Serverless functions with API gateways, event queues, and managed databases. Red Team exploits cold start timing, injection, and IAM over-privilege.
Industrial control systems with PLCs, SCADA, and sensor networks. Red Team targets OT protocols. Blue Team monitors anomalies.
Building management system with HVAC, access control, cameras, and BACnet. Red Team targets physical-cyber convergence points.
Hospital network with EHR, PACS imaging, HL7 interfaces, and medical devices. Red Team targets patient data and life-critical systems.
Core banking platform with SWIFT messaging, transaction processing, and fraud detection. Red Team targets wire transfers and account manipulation.
Fast, noisy scanning to map the entire attack surface quickly
Low and slow advanced persistent threat simulation
Focus on OWASP Top 10 web vulnerabilities
Gather intel through OSINT and social engineering vectors
Standard SOC monitoring and incident response
Proactive hardening before attacks begin
Proactive threat hunting using hypothesis-driven investigation
Coordinate incident response with structured playbooks