WOLF//SEC
← All Labs
LAB 4.1-A Tier 2: Worker-Backed Obj 4.1 · intermediate · ~20min

System Hardening Checklist

This lab is planned but not yet built. Check back soon.

Mission

A freshly deployed system has hit your desk with deliberate misconfigurations. Find them, fix them, and understand what each one would have cost you.

Scenario

A Cloudflare Worker presents a randomized target system — could be a Windows Server, a Linux box, a network switch, or a cloud VM. Each has 8-12 deliberately planted misconfigurations: default credentials, unnecessary services, open ports, missing patches, permissive firewall rules, disabled audit logging, and more.

What You’ll Do

  1. Audit the system configuration presented by the Worker
  2. Identify each misconfiguration and select the correct remediation action
  3. Apply fixes: disable services, change credentials, close ports, enable logging, enforce baselines
  4. Learn what attack vector each misconfiguration enabled — the Worker shows the exploitation path for every issue you find

Timed exercise with a running compliance score.

Offensive Context

Every hardening action is a friction multiplier. You’re not making the system “unbreakable” — you’re making it too expensive to bother with. Nation-state or script kiddie, every attacker runs the same ROI calculation. The compliance score isn’t the real metric. The real metric is how many attack paths you’ve eliminated.