More Details

A wide variety of vulnerabilities with a focus on Windows AD, Web Apps & Pivoting.
  • AD Attack
    • Enumeration - Initial Access - PrivEsc - Post-Exploit
    • Dumping & Cracking Hashes - Credential Reuse - Tunneling
    • Kerberos & Trust Abuse, PS Remoting, GPO Misconfigs, Living off the Land & more Windows Post-Exploitation
  • Web App Security
    • Deserialization - JSON Web Tokens - Auth Bypass
    • Client Side Attacks with simulated users
    • Command Injection - SQLi - LFI - Type Juggling
    • 5+ Custom WebApps with no public exploits

    Unique Features:

  • Campaign Mode - Storyline along 10 Missions
    • Navigate the complex networks of The Sprawl without frustration.
    • Follows the story of an elite cyberspace operator, Case.
    • Each mission offers a concise task, ultimately leading to the final level.
  • Custom Software - Icebreakers, virus-programs & more
    • Achieve exclusive security software on The Sprawl's own black market!
    • Run these custom tools to break the ICE on targets with advanced security.

    Request Access by following the guidance here:

    The Sprawl

    • Total Boxes: 41 VM's - Windows & UNIX Systems
    • Overall Difficulty: Intermediate/Advanced
    • Released: August 2020
    • Description: A wide variety of vulnerabilities with a focus on Windows AD, Web Apps & Pivoting
    • Theme: Cyberpunk-themed following the storyline of an ex-elite Cyberspace Operator who's being contacted by a unique crew for a mysterious job...
    • Unique Features: Storyline & Custom Hacking Tools
    • Mode: Campaign or Free-range
    • Network: 4 Domains - 5 Subnets
    • Continuous Security Patching: False
    • Request Access: Send an email to request access and you'll be processed ASAP.