Cyber Labs

Practice on intentionally vulnerable targets in fully isolated, AI-supervised training environments — legal, authorized, and controlled.

Use these skills only on systems you own or are explicitly authorized to test. Unauthorized access, scanning, exploitation, disruption, credential collection, or data acquisition may be illegal. CyberForge Academy practical exercises are restricted to controlled training environments.

One-click launch

Spin up a fully provisioned environment from your browser in seconds — no setup, no VMs to manage.

Browser terminal

A real shell in your browser tab. No installs, no local risk to your machine.

Isolated networks

Every session runs in its own segmented network that cannot reach the internet or other students.

Dynamic credentials

Fresh, per-session credentials are generated at launch and destroyed at teardown.

Unique flags

Per-student flags and randomized conditions make answer-sharing pointless.

AI safety monitoring

Warden watches every command, blocks anything targeting outside the lab, and can end abusive sessions.

Auto shutdown

Idle and expired labs are torn down automatically to keep environments clean and costs contained.

Command audit

Every command and alert is recorded to an immutable audit trail for review and grading.

Warden supervises every session

Our AI Laboratory Supervisor guides you with progressive hints and grades your work — while blocking any command aimed outside the lab network. Offensive practice stays strictly inside the sandbox, always paired with detection and defense.

All trainers here are AI assistants, not humans. Responses may contain errors — verify critical professional decisions.

cyberforge@lab:~
$nmap -sV 10.13.0.10 # authorized lab target
$PORT 80/tcp open http · 22/tcp open ssh
$nmap scanme.example.com # outside the lab
$⛔ Warden: target is outside the lab network — command blocked
$Try the equivalent exercise against the provided lab host instead.

Available labs

A preview of guided lab scenarios. Launch them from your student dashboard.

INTERMEDIATE
API Security
API BOLA Sandbox
Exploit broken object-level authorization, then enforce ownership checks.

Objective: Access another user’s object by ID, then add per-object authorization.

Est. 45 min

ADVANCED
Active Directory
Active Directory: Privilege Path
Analyze a privilege path in an isolated lab domain and cut the choke point.

Objective: Identify the path to Domain Admin, then recommend and apply the hardening.

Est. 60 min

ADVANCED
Cloud Security
Cloud IAM Escalation (Sandbox)
Find a role-chaining escalation in a simulated IAM sandbox and fix the policy.

Objective: Discover the escalation path, then rewrite the policy with least privilege.

Est. 55 min

INTERMEDIATE
Linux
Linux Privilege Escalation
Escalate from a low-priv user to root on a misconfigured host.

Objective: Find the misconfiguration, escalate to root, capture the flag, then harden it.

Est. 50 min

INTERMEDIATE
Digital Forensics
Memory Forensics Case
Investigate a memory capture from a fictional incident.

Objective: Find the suspicious process and extract the indicator, then document custody.

Est. 50 min

INTERMEDIATE
Network Security
Packet Analysis: Find the Beacon
Analyze a simulated capture to find command-and-control beaconing.

Objective: Identify the beaconing pattern and propose the detection.

Est. 40 min

INTERMEDIATE
Security Operations
SOC Alert Triage
Triage a queue of simulated alerts and escalate the real incident.

Objective: Correctly triage the queue and write one new detection.

Est. 50 min

INTERMEDIATE
Web Security
SQL Injection: Vulnerable Shop
Exploit and then remediate a SQL injection in an intentionally vulnerable shop.

Objective: Extract the admin flag via SQLi, then patch the endpoint with a parameterized query.

Est. 45 min

INTERMEDIATE
Secure Coding
Secure Code Remediation
Fix injection and secret-handling issues in a small service.

Objective: Remediate the flagged vulnerabilities and pass the security tests.

Est. 45 min

INTERMEDIATE
Web Security
Stored XSS: Community Board
Plant and then neutralize a stored XSS payload.

Objective: Trigger stored XSS, then apply output encoding and a CSP to stop it.

Est. 40 min

Ready to get hands-on?

Create an account to launch supervised labs and track your progress.