Security Training Labs & Practical CTF Challenges
Build real skills.
Hands-on Docker-based labs focused on web vulnerabilities, exploitation paths and secure coding awareness.
Legal Notice:
NoirthHack is an educational platform dedicated to cybersecurity training, vulnerability analysis and CTF-style exercises exclusively within controlled lab environments provided by the service provider or environments the user is fully authorized to access.
It is strictly prohibited to use the materials, scenarios, tools or knowledge made available through the service to test, scan, bypass security, or access systems, networks, accounts or data belonging to third parties without their prior explicit authorization.
By using the service, the user acknowledges the educational nature of the platform and agrees to use it only in compliance with applicable law.
Legal Notice:
NoirthHack is an educational platform dedicated to cybersecurity training, vulnerability analysis and CTF-style exercises exclusively within controlled lab environments provided by the service provider or environments the user is fully authorized to access.
It is strictly prohibited to use the materials, scenarios, tools or knowledge made available through the service to test, scan, bypass security, or access systems, networks, accounts or data belonging to third parties without their prior explicit authorization.
By using the service, the user acknowledges the educational nature of the platform and agrees to use it only in compliance with applicable law.
🚀 Launch Lab
Turning ideas into scalable realities through modern frameworks and innovative engineering.
📘 Read Write-up
Code crafted for resilience, consistency, and lasting impact across platforms and industries.
🧪 View Challenges
Designed to evolve with technology, keeping your business ahead of change and competition.
We continuously design and refine our CTF challenges so you can sharpen your skills and push your limits.
Have an idea for a challenge?
Want to see it live here?
Hit the green “Get in touch” button and let’s build it together!
Want to see it live here?
Hit the green “Get in touch” button and let’s build it together!
Start Here
Quick intro + how to use the labs (beginner-friendly).
Setup & Requirements
Docker Desktop + WSL2. Estimated RAM: 2–4GB per lab.
Core Lab Tracks
- Web Exploitation
- File Inclusion & Path Traversal
- Container Misconfigurations
- Privilege Escalation
- Secure Coding Awareness
- Defensive Hardening
NOIRTHHACK / NOIR
START YOUR CYBERADVENTURE
vector: find
state: watching
pulse: unstopabble
OBSERVER MODE
quiet • precise • inevitable
Lab Features:
- Dockerized environment;
- Realistic misconfigurations;
- Step-based difficulty;
- Practical exploitation paths;
- Secure fix recommendations;
- Minimal hints system;
1️⃣ Web Exploitation Basics
- Path Traversal
- LFI
- Basic misconfig
- LFI
- Basic misconfig
2️⃣ Injection Attacks
– SQL Injection (Level 1)
– Blind SQL Injection (Coming Soon) (Level 2)
– Template Injection (Coming Soon)
- Filter bypass (Level 3)
- SQLi → LFI chain (Level 4)
– Blind SQL Injection (Coming Soon) (Level 2)
– Template Injection (Coming Soon)
- Filter bypass (Level 3)
- SQLi → LFI chain (Level 4)
3️⃣ File Handling & Upload Attacks
- Unrestricted file upload
- MIME bypass
- Polyglot files
- MIME bypass
- Polyglot files
4️⃣ Authentication & Logic Flaws
- IDOR
- Broken access control
- Session flaws
- Broken access control
- Session flaws
5️⃣ Container & Docker Misconfigurations
- Privilege misconfig
- Exposed Docker socket
- Writable volumes
- Exposed Docker socket
- Writable volumes
6️⃣ Log Poisoning, File Inclusion & Code Execution Chains
- Apache log injection
- PHP wrapper abuse
- Filter bypass
- PHP wrapper abuse
- Filter bypass
7️⃣ Privilege Escalation (Linux)
- SUID
- Writable cron
- PATH hijacking
- Writable cron
- PATH hijacking
8️⃣ Secure Coding & Fixes
- Hardening examples
- Before/After lab
- Secure rewrite
- Before/After lab
- Secure rewrite