What is this?
A live network you control completely.
A cyber range is an isolated, fully functional network environment used for hands-on security training. LabGen spins these up in Docker — no cloud account needed, no waiting for provisioning, no cleanup bill.
Each range includes realistic machines, real services, and configurable network topology. Instructors use them for curriculum. Teams use them to practice. Competitors use them to train under match conditions.
Scenario library
Train for real conditions.
Competitive Defense
AdvancedFull-range environment for timed team competitions. Blue team defends, scoring is automated. Perfect for training under pressure.
Incident Response
IntermediatePre-compromised environment with IOCs planted. Team must detect, contain, and eradicate. Debrief report generated after.
Network Hardening
BeginnerMisconfigured network range. Team hardens services, patches vulnerabilities, and locks down access before the clock runs out.
Web App Defense
IntermediateIntentionally vulnerable web stack. Team patches and hardens while a simulated attacker probes for weaknesses.
Service Hardening
BeginnerMisconfigured Linux services across SSH, mail, and web. Team audits, locks down, and validates each service before time runs out.
Custom Scenario
AnyDefine your own topology, services, and scoring rules. LabGen provisions whatever you configure.
Quick start
Range online in three clicks.
Pick a scenario
Choose from the built-in scenario library or load a custom configuration. Each scenario includes a full description, machine list, and expected learning outcomes.
Scenario Library ────────────────────────────── ▶ Competitive Defense ← Incident Response Network Hardening Web App Defense Service Hardening [+] Load Custom...
Configure your scope
Set the subnet, number of machines, service versions, and any pre-planted flags or vulnerabilities. LabGen validates the config before provisioning.
Configure: Competitive Defense
──────────────────────────────
Subnet 192.168.100.0/24
Machines 4
Services ssh http smb
Flags ✓ pre-planted
──────────────────────────────
[ Launch Range → ]Launch
LabGen calls Docker Compose, waits for health checks, then displays the host map. Your range is live and isolated. Tear it down in one click when you're done.
✓ router [192.168.100.1] ✓ web-01 [192.168.100.10] ✓ srv-01 [192.168.100.20] ✓ mail-01 [192.168.100.30] LAB ONLINE — 8.3s
Features
Everything a cyber range needs.
Build any network in minutes
Design your network in the visual topology editor. Add Linux, CentOS, FreeBSD, or Active Directory targets. Drop in router and firewall nodes. Assign machines to DMZ, isolated, or custom subnet segments — each container is live in about 8 seconds.
- Ubuntu, CentOS, FreeBSD, and Samba AD targets
- Router and firewall nodes with real nftables rules
- DMZ, isolated, and custom subnet segments
- ⊕ ADD TARGET — container up in ~8 seconds
Screenshots
See LabGen in action.
Roadmap
What's coming.
Docker Compose lab provisioning (~8s boot)
ShippedFull multi-machine lab environments provisioned via Docker Compose. Range is live and healthy-checked in under 10 seconds.
11-machine lab — Linux, CentOS, FreeBSD, and Samba AD
ShippedPre-built target images across 3 network segments: core, DMZ, and servers — plus two isolated pivot-only hosts. Includes a full Samba Active Directory domain.
Router and firewall infrastructure nodes
ShippedConfigurable router and firewall containers with iptables/nftables rules, forming realistic network topologies.
Live TCP scoring board
ShippedReal-time service availability scoring via TCP health checks — see which services are up across every machine at a glance.
Saved networks library
ShippedSave, load, and share network configurations as reusable library entries.
WireGuard remote lab access
ShippedProvision a WireGuard VPN peer config so remote students can connect directly into the lab network from anywhere.
CCDC scenario pack (Stage 1)
In ProgressA curated scenario pack targeting CCDC competition conditions: service coverage, scoring rules, and realistic blue team challenges.
Windows workstation targets
PlannedWindows 10/11 container targets for AD-joined workstation scenarios and endpoint defense training.
Automated IOC planting for IR scenarios
PlannedPre-compromise IOC planting for incident response labs — artifacts, log entries, and malware traces placed automatically at launch.
Scoring API for external competition platforms
PlannedREST API for integrating LabGen scoring data with external competition dashboards and CTF platforms.
What's included
Real machines. Real services.
Pricing
Currently in beta. Join the waitlist.
Your range.
Live in seconds.
Runs entirely on your hardware. No cloud bill, no VPN, no waiting. Docker is the only dependency.
Request Beta Access
