Note: This article is intended for Enterprise and B2B customers.
Cloud Labs provide interactive and immersive experiences that focus on navigating cloud environments. These labs present complex scenarios designed to simulate real-world cloud infrastructures leveraging the services provided by AWS, Azure, or GCP. Every lab has a unique setup that allows you to navigate through the diverse elements of the cloud and exploit potential vulnerabilities.
By engaging with these realistic scenarios, you will gain hands-on experience in understanding the intricacies of cloud architecture and identifying security weaknesses.
The BlackSky Lab
The BlackSky labs are three cloud labs based on AWS, Azure, and GCP.
Each lab presents a whole story about a company named Mega Multinational trying to implement and use one of the cloud platforms.
BlackSky: Blizzard is a breakthrough cloud penetration testing lab that features a wide range of GCP misconfigurations, common privilege escalation techniques, and attack paths seen in real engagements. You will learn common DevOps mistakes and exploitation of serverless applications, and much else besides.
Blizzard covers how to exploit the vulnerabilities and importantly, how they can be mitigated. Level up your GCP penetration testing skills, starting with the basics!
BlackSky: Cyclone is an innovative cloud penetration testing lab that takes cloud penetration testing to new heights with an extensive array of Azure misconfigurations, prevalent privilege escalation techniques, and authentic attack paths observed in actual engagements. Azure is not merely an email platform; it encompasses a universe of possibilities.
Cyclone grants you immersive, hands-on access to an Azure Environment, enabling you to exploit cloud storage, tokens, automation, roles, and various other cutting-edge features.
BlackSky: Hailstorm will allow a comprehensive collection of AWS misconfigurations, prevalent privilege escalation techniques, and authentic attack paths witnessed in real-world engagements. Expand your knowledge with hands-on learning opportunities in web application and API exploitation, compromising serverless applications, and much more.
Hailstorm delves into not only exploiting vulnerabilities but also emphasizing their mitigation. From the fundamentals to advanced techniques, elevate your AWS penetration testing skills to the maximum level.
Playing the Labs
Lab Home Page
Clicking on the lab name from the MY LABS panel on the left side, you will be presented with this lab home page:
From this page, you can see your progress, the Entry Point for the lab, and the field to submit the flag. Scrolling down, you will see the different milestones of exploiting the lab from the Introduction to the full exploit point.
The Entry Point
The Entry Point is your initial enumeration, the starting point to the exploit path. From here, you will be introduced to the different services and start digging to find your way in.
The entry point for Blizzard and Hailstorm is an IP. For Cyclone, it is Azure credentials.
First, you need to be connected to the Cloud Lab network, be sure to read the following article:
Click the button below to learn how to connect to your Cloud Lab:
This is the same process as connecting to a Professional Lab
The flag format for BlackSky Labs is
As you submit flags, your progress in the lab will increase. In the flag list provided on the Lab page, each flag will be marked as owned as you submit it.
While the flag order indicates the normal progression through the lab, it's not necessary for you to follow this exact sequence. Depending on your path, you may occasionally submit flags out of order.
Different flags have different quantities of Points associated with them- some flags are worth more than others. The amount of Points you have determines your position within the lab's Leaderboard.
Assuming your Admin has enabled this feature, you will be able to view how many Points each user has in the Members panel on the right.
Every BlackSky lab has an about page containing very important information on the lab, the technologies, the number of machines and flags, and keynotes on what you will gain working in this lab.
The changelog page will have any updates or changes made to the lab. Keep an eye on this page to keep track of the changes.
Lab Writeup and Box List
Depending on your lab's settings, you may be able to view a writeup that documents each step of completing the lab. This document is confidential and should not be shared.
If available, you can view the lab's writeup by clicking on the Expand button in the top right of the Lab page.
Scrolling down in this side panel, you also find a list of each Box present in the Professional Lab, as well as an icon representing the operating system each Box uses.
For more information on the Enterprise Platform, visit our Enterprise Help Center: