Are you heading to InfoSec Europe 2026?
We’re looking for the true Cyber Masters in the crowd. Think you have what it takes? 👀 Ahead of InfoSec this year, we’re giving you the chance to complete 5 immersive lab, whether you currently have access to labs or not, and earn your Cyber Master badges. What you need to do: ✔ Complete any of the five labs 🏅 Earn your Cyber Master badges 📍 Visit our InfoSec booth at F26 to collect your physical pins ★ Complete all five to unlock the coveted BLACK STAR 🎮 Enter our on-site prize draw for the chance to win a Nintendo Switch 2 Haven’t secured your InfoSec ticket yet? We’ve got you covered. Fill out the form here to claim your complimentary ticket. The challenge is open now and closes at 12pm on Thursday 4 June. ★ Click here to start the challenge! ★ Not attending InfoSec? No problem - you can still take part in the challenge and test your skills from anywhere. Good luck and see you there!Want to design a CTF lab to share? 🤩🖥️
For this year's Community Challenge Series of labs, we want to see what you can make! Our Lab Builder allows users to build custom labs with the help of ai tooling. We'll give some guidance on creating the lab, then you build it, we assess it and add it to the Challenge Series 2026. If you're interested, drop a comment below or email community@immersivelabs.com 💡👇 Here are tutorials on how to build your first practical lab: Building Your First Practical Lab (Part 1) | Immersive Community - 2505 Building Your First Practical Lab (Part 2) | Immersive Community - 2506
Create Teams for Students and assign tasks to be completed
Dear community, being a professor at a university, I'm trying to create a group where i can invite students in order to complete the tasks of a laboratory that are important to the subject we are learning. I have had the experience on the past but as I see a lot has changed and I cant find how to do that now. Can someone guide me through process please?
Trick or Treat on Specter Street: Widow's Web
I am very stucked in Trick or Treat on Specter Street: Widow's Web I can't do none of the questions, but in any case I start by 4th that is the first answerable one Your first task is to simulate the loyal Crawlers. Run legitimate-crawler and inspect the output in Lab-Files to observe their behavior. To simulate the rogue Crawlers, you must discover the hidden paths on the website. Read the blog posts – they contain clues. Disallow these in Website-Files/robots.txt and run malicious-crawler. Inspect the output in Lab-Files. What is the token? I have created the robots.txt file since I understand that malicious-crawler goes expressedly there. My robots.txt contains all url's I can imagin Disallow: /secret Disallow: /treat Disallow: /hidden Disallow: /crypt Disallow: /warden Disallow: /rituals Disallow: /witch-secrets Disallow: /admin Disallow: /vault Disallow: /uncover Disallow: /post1 Disallow: /post2 Disallow: /post3 Disallow: /post4 Disallow: /contact Disallow: /drafts/rituals But the result of malicious-crawler.txt doesn't give me either a token nor a hint I have curl-ed all pages looking for words as token and nothing. I have found some key words in http://127.0.0.1:3000/witch-secrets as intercepted-incantations, decoded them and nothing. I have searched in spider-sigthings.log what hapened at 3.00 am but nothing Can someone gime me a hint?Trick or Treat on Specter Street: Ghost of the SOC
I know it's one of the challenge labs but I'm fairly sure I'm missing something extremely straight forward, it's 100 point difficulty 4.... Someone help me please! I'm banging my head against a wall with this one! If anyone can point me in the right direction of the specific persistence mechanism I think that would be a start Q8. Use the service account to delete the spirit's persistence mechanism. The methods you employ to gain access to this account are up to you.
Git Security: Git History
Hi all, I’ve been struggling for a while with the last question on this lab, question 7. Where you need to purge access_keys.json from the commit history and force push changes at the end. I’ve tried so many combinations that I’ve lost count. The most recent, which I don’t understand why it’s not working is: git log --diff-filter=A -- *.json To find the commits. git rebase -i <commit_hash> Then changing to edit in the text editor. git push origin --force To force push my changes. This is just one of many ways I’ve tried. Any help would be appreciated, it’s driving me a little mad haha. Thanks, JPModern Maze
The Maze Challenge consists of a series of eight “mazes” of increasing complexity based on real-world-inspired cyber attack scenarios, testing a variety of offensive skills, such as web, infrastructure, Active Directory, scripting, and binary exploitation. The Maze is an Active Directory Environment This intricate lab places you within a maze designed as a simulated Active Directory environment, requiring you to utilize your knowledge of AD concepts and potential vulnerabilities. 🏅 Exclusive Community Challenge Coins are available to any community member who escapes this maze. Need a hint to help you escape this maze? SabrinaKayaci and StefanApostol will be on hand in this webinar to answer your questions and point you in the right direction. To locate the Maze Challenge navigate to Exercise > Challenges & Scenarios > Maze Good Luck!
