playing in the playground a offsec virtual pentesting labs review

As you may know, I recently completed the Penetration testing with Kali Linux training and obtained OSCP certification. It was an amazing experience and really taught me more than just “hacking stuff”. Instead, the training came coupled with self discipline and endurance. By day I make a living in the IT security field, by night, I tinker, research and learn!

With PWK over, not long after that, I was privileged enough to be presented with a opportunity to beta test a new product that Offensive Security is planning to launch around January 2015 referred to as…

The Playground

meet the playground

From the offsec website, The Playground is described as a safe virtual network environment designed to be attacked and penetrated as a means of learning and sharpening your penetration testing skills.

I was still pretty fresh post-PWK and decided to use the Kali VM I used, for The Playground. The setup was pretty much the same as PWK. Get a VPN connectivity pack and gain access to the lab. There is also a dashboard that you gain access to that allows you to revert machines as required, along with functionality to “proof” you pwnd it by submitting file content found on a host. For each machine you hack, you gain a set amount of points (actually only one point at the time I was testing but I believe this will be different values when released).

the challenges

I won’t be going into any details about what you will face in the labs. The feature page mentions “Citrix environments, Windows Active Directory Domains, SCADA networks, IPS systems and corporate Antivirus solutions”. All I can do here is nod =). There are quite a vast number of machines waiting for you to explore and learn.

What I will say though is that my experience with this can be summarized as [PWK + 1]. That is PWK plus 1. You will get to use everything you learned in PWK, in The Playground, plus more. Your technical expertise, your endurance, as well as your discipline. There are some challenges that are easy for sure and they do a great job at building your confidence. However there are challenges that are going to push you and quite possibly open new worlds to you to learn new things.

The only real advice I can give is: Try Harder.

the not so great

One thing about these labs that are a pain is the fact that they are shared. You will be busy testing a sploit, when the next thing you know, a machine gets reverted. While this doesn’t mean the bug you found is fixed, it may mean you have to rebuild that initial shell. The product page mentions that there may be dedicated hosted labs for corporations which I hope may alleviate this frustration a bit.

summary

The Playground will quite possibly go a great job at satisfying your craving to dig/learn/explore! I won’t say you need to have done PWK before to be able to play in The Playground, no. But, its not bad experience to bring along with you.

As for me, I have not completed The Playground. In fact, I will most definitely make a plan to get more lab time once its available! Most importantly though, thanks to @g0tmi1k for the opportunity as well as the offsec team for their role putting the whole thing together!

hack2learn!

comments powered by Disqus