RastaLabs is an immersive Windows Active Directory environment, designed to be attacked as a means of learning and honing your engagement skills. Beating the lab will require a number of skills, including:

  • Lateral movement

  • Exploit development

  • Creative thinking

  • Patience & perseverance!

  • OSINT & phishing

  • Local privilege escalation

  • Persistence techniques

  • Active Directory enumeration & exploitation

The goal of the lab is to reach Domain Admin and collect all the flags.


This lab features a combination of attacking both misconfigurations and actual people, making it the most realistic training environment I have seen. Don’t treat this as a typical CTF, simulated users are active at all hours of the day. I can easily see this as a solution to those “Junior Pentester” roles that require pentesting experience.

Since doing this lab (with Empire), I’ve gone back and completed this lab with other C2 Frameworks such as CobaltStrike and Silent Trinity; only to find out previous attack paths had to be slightly modified due to AV/System Patches being deployed! Rasta does a great job keeping everything relevant and up to date without changing the overall intended attack paths.
— ippsec :: https://youtube.com/c/ippsec

Head on over to Hack the Box and create an account to play now!

For special business arrangements, such as bulk purchases and
dedicated/private labs - please use the Contact Form.