Come back here on December 18th...

Every day in December, we’re taking a look back at some of our favorite content of 2025. For the 18th day, StefanApostol​, Lead Cyber Security Engineer, and SabrinaKayaci​, Application Security Engineer, share a second lab from their incredibly challenging Maze collection. 

Advanced CTF Challenge: Blood Maze

The Blood Maze lab was part of a wider CTF challenge for Immersive Community earlier in 2025. 

The Maze Challenge consists of eight “mazes” of increasing complexity, which are based on real-world cyberattack scenarios. They’re designed to test a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation.

Why this lab? 

This lab is an excellent exercise for penetration testers because it mimics a full kill chain in a corporate Active Directory environment, rather than focusing on a single isolated vulnerability. 

It requires a blend of enumeration, strategic tool usage, and post-exploitation tradecraft,  challenging you to move beyond simple "point-and-click" exploits.

Stefan, having already earned the “evil mastermind” title with his earlier work, really upped the ante in this lab. Yes, it’s difficult, but the satisfaction you get for completing it is all the more amplified as a result.

You can put your skills straight to the test in the Advanced CTF Challenge: Blood Maze lab, or get eased into it by watching the Labs Live: Maze Challenge webinar first.