Thuderdome

https://pwnedlabs.io/cr/thunderdome

ThunderDome is a fun and immersive multi-cloud cyber range that simulates a realistic company environment across AWS, Azure and GCP. You can expect to learn a lot about the "big three" cloud platforms, token abuse, web exploitation, Windows and Linux, and a lot more

To learn more: https://cyber-ranges.pwnedlabs.io/thunderdome-overview#overview


Review

Thunderdome is an advanced multi-cloud cybersecurity training environment that simulates a realistic enterprise network across AWS, GCP, and Azure platforms. The lab presents a red team engagement scenario targeting a fictional pharmaceutical company, "Massive Pharma," which has recently migrated their infrastructure to the cloud with assumptions of default security adequacy.

This write-up will document my findings, the challenges I faced during the lab, and my overall approach. I tackled ThunderDome using a CTF player methodology, prioritizing flag hunting and moving aggressively through the environment.

Feel free to contact me on Discord @kabiet01 if theres any queries.

Note: All flag and credentials is redacted as per PwnedLabs request

Acknowledgement

Special thanks to the moderators at PwnedLab discord for answering my question. Huge shoutout to Yasir for replying to my spam whenever I got stuck 🙏

Last updated

Was this helpful?