Offensive Labs
Immersive Labs contains hundreds of cyber skill experiences and content for red teams, penetration testers and ethical hackers. And we’re always adding more powered by the very latest threat intelligence.
Skill paths
to rapidly tool up teams
Our hands-on labs and challenges can be instantly accessed from a browser. They are designed to move teams and individuals through a four phase process to power up your organization’s human cyber readiness.
Coach
Embedding core skills through guided, hands-on experiences. Users can begin here with little to no prior experience.
Demonstrate
Enabling individuals to show expertise through experiences, in these exercises users will prove their mastery of relevant tools and technology.
Challenge
Applying acquired skills and experience to the latest threats and techniques, these labs test not only the skills acquired to this point but also critical thinking and flexibility.
Simulate
Testing expertise and decision making against likely scenarios. This is where things get real, as we test individual and organizational readiness.
Top role objectives
Use sets of industry standard objectives, use NIST NICE or build your own in Immersive Labs. Objectives equip teams and individuals with relevant and continually evolving expertise.
Practical exercises to help uncover the basics of web attacks and exploitation. Culminating in a “for real” red team mini series identifying vulnerabilities in a newly released web app.
Want to hack the Death Star, breach a bank, cut off a power station? There’s a huge range of CTF-style exercises to earn points and test offensive capabilities in Immersive Labs.
This work role is also defined in the industry as Pen Tester or red teamer. These teams conduct assessments of threats and vulnerabilities and develop countermeasures.
Top MITRE techniques
We’ve mapped labs to MITRE ATT&CK, helping you understand where human capabilities align to threat tactics and techniques.
Top on-demand labs
Our labs are bite-sized, challenge-based experiences designed to get your teams hands on with the very latest tools and techniques in seconds.
John the Ripper
In this lab you will get to grips with password-cracking tool John the Ripper. John the Ripper is an open source piece of software pre-loaded on Kali Linux; it is one of the oldest and most popular password-cracking tools.
Mimikatz
Mimikatz is an open source Windows tool often used to perform post-exploitation activities. It can extract Windows authentication passwords, tokens and hashes from memory.
Heist: Episode 1
This mini-series simulates a Red Team engagement against the world's leading (albeit fictitious) financial services company. Walking through the various stages of a simulated targeted attack, starting with information gathering and gaining access.
Reflected XSS
Cross-site scripting (XSS) is a code injection attack whereby malicious scripts are injected into a web page. It is a very common attack and is included in the OWASP Top 10.
Test your cyber mettle for free: Immersive Labs Community is now in public beta
12 October 2020
Research: Can you build spyware for a Fitbit?
9 October 2020
The more the merrier: four ways to build a more diverse cybersecurity team
30 September 2020
Think cyberattacks only hurt financially? Think again
28 September 2020
Staying cyber-safe in a remote working world
24 September 2020
Guest Blog: The Stress and Joy of Security Jobs
21 September 2020