Kabinet's GitBook
  • 🚩Kabinet CTF's Writeups
  • Page
  • 2025
    • Thuderdome
      • Emerge through the breach
      • Pulled from the sky
      • An absent defense
      • A new wave (web of deceit)
      • Crossing the great divide
      • Joining forces as one
      • Infiltrate (open the gate)
      • Jaeger
      • Victory
  • 2024
    • GreyCTF 2024
      • Markdown Parser
      • Fearless Concurrency
      • GreyCTF Survey
      • Baby Web
      • Beautiful Styles
      • All About Timing
      • Poly Playground
    • TetCTF 2024
      • Hello from API GW
      • Microservices
  • 2023
    • BSidesSF Cloud Village CTF
      • Tony Tony Tony
      • Plain Sight
      • A Suit of Armor Around The World
      • Sharing is Caring + Sequel
      • Photo Drive
    • DART CTF
      • Flag 1
      • Flag 2
      • Flag 3
      • Flag 4
      • Flag 5
      • Flag 6
      • Flag 7
      • Flag 8
      • Flag 9
      • Flag 10
    • EKS Cluster Games
    • Big IAM Challenge
  • 2022
    • Stack The Flag
      • Secret of Meow Olympurr
  • Authored
    • Cyber League 2025 Major 1
      • Perfect Storage
      • catalog commits
      • pawtainer hub
    • Lag and Crash 2023
      • Managed Secrets
      • Pickle Rick
      • Cloudy with a chance of meatball
    • NYP InfoSec December CTF 2022
      • Super Secure Technology Infrastructure
      • Self Introduction
      • Aww Cuter Cat
      • Obligatory Calc
      • BreadSecurity
  • NYP InfoSec Introduction to Pentesting Workshop
Powered by GitBook
On this page
  • Review
  • Acknowledgement

Was this helpful?

  1. 2025

Thuderdome

https://pwnedlabs.io/cr/thunderdome

ThunderDome is a fun and immersive multi-cloud cyber range that simulates a realistic company environment across AWS, Azure and GCP. You can expect to learn a lot about the "big three" cloud platforms, token abuse, web exploitation, Windows and Linux, and a lot more

To learn more: https://cyber-ranges.pwnedlabs.io/thunderdome-overview#overview

Challenge
Cloud Environment

AWS

AWS

Azure

Azure

GCP

GCP

GCP

AWS

Azure

Review

Thunderdome is an advanced multi-cloud cybersecurity training environment that simulates a realistic enterprise network across AWS, GCP, and Azure platforms. The lab presents a red team engagement scenario targeting a fictional pharmaceutical company, "Massive Pharma," which has recently migrated their infrastructure to the cloud with assumptions of default security adequacy.

This write-up will document my findings, the challenges I faced during the lab, and my overall approach. I tackled ThunderDome using a CTF player methodology, prioritizing flag hunting and moving aggressively through the environment.

Feel free to contact me on Discord @kabiet01 if theres any queries.

Note: All flag and credentials is redacted as per PwnedLabs request

Acknowledgement

PreviousPageNextEmerge through the breach

Last updated 1 month ago

Was this helpful?

Special thanks to the moderators at PwnedLab discord for answering my question. Huge shoutout to Yasir for replying to my spam whenever I got stuck

🙏
Emerge through the breach
Pulled from the sky
An absent defense
A new wave (web of deceit)
Crossing the great divide
Joining forces as one
Infiltrate (open the gate)
Jaeger
Victory