> 𧬠CTF-Lab Local | Final Degree Project
September 2025 - January 2026 | Grade: 9/10
Complete 100% offline pentesting training ecosystem: vulnerable virtual machine (Ubuntu Server +
Docker Compose) with a 6-phase kill chain plus a Next.js web platform for flag management and
automatic validation.
Implemented Kill Chain:
1. DNS Zone Transfer (AXFR) -> Initial recon and enumeration
2. OpenNMS exploitation -> Initial access with default credentials
3. Ligolo-ng pivoting -> Jump to an isolated internal network (10.10.10.0/24)
4. MongoDB exfiltration + Cisco Type 7 decryption -> Credential theft and decryption
5. LFI/RFI exploitation -> Reverse shell on the internal web server
6. Sudo misconfiguration (csvtool) -> Privilege escalation to root
Technical stack: Docker Compose, Next.js (TypeScript), Python (custom exploits), HMAC validation,
rate-limiting, MongoDB
Highlights:
~ 8 hosts in a multi-segmented network (DMZ + internal network)
~ Web platform with automatic flag validation
~ Reproducible environment without external VPN dependencies
~ Professional technical documentation (50+ pages)
~ Kanban methodology (Trello) with WIP limit=2
View Full Project Video | GitHub Repo | Final Degree Report (PDF)
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
> π§ͺ Custom Offensive Tools
Scripts and tools developed for pentesting automation:
~ GitHub - Custom tools
Featured from CTF-Lab:
~ Cisco Type 7 Decoder (Python) - Automatic Cisco Type 7 password decryption
~ LFI to RCE Exploiter (Python) - PHP filter chain automation for RCE
~ csvtool Privesc Exploit (Bash) - Privilege escalation through sudo misconfiguration