Overview
ThunderDome is a fun and immersive multi-cloud cyber range that simulates a realistic company environment across AWS, Azure and GCP. You can expect to learn a lot about the "big three" cloud platforms, token abuse, web exploitation, Windows and Linux, and a lot more!
There are three flags to pwn in AWS, Azure and GCP, not necessarily in that order ;) You can expect some interaction between the platforms!
Scenario
The company Massive Pharma lifted and shifted their existing infrastructure to the cloud, where they assumed it would be secure by default. Can you lead the red team engagement, get Global Administrator and show them that this is not the case?
- Familiarity with the Windows and Linux command CLI
- Experience with assessing cloud infrastructure (Pwned Labs will definitely help!)
- Basic knowledge of web vulnerabilities
- Ability to carry out independent research
Real World Context
ThunderDome is a very realistic cyber range that teaches about initial access, situational awareness, lateral movement and post-exploitation techniques used by red teamers and threat actors in the cloud. It’s also a great environment for blue teamers to learn how to defend against threats!