User Generated Content
Targets created by the OffSec community
We're excited to launch OffSec's User-Generated Content (UGC) program! This is your chance to contribute to our PG Practice and Cyber Range labs, where your lab could be exploited by thousands of users.
All UGC is subject to a strict approval process by our Labs team. If accepted, and upon the successful completion of your submission review, you will receive compensation for your efforts.
Defensive skills need practice too.
Move your submission to the top of the list by building out our defensive lab arsenal. Pick from digital forensics, malware analysis, incident response, threat hunting and other defensive topics.
Submission rewards
Up to $300 reward
Minimum requirements
- Fully functioning VM
- Unique or original machine builds
- Presentable and accurate walkthrough
- Easy to understand and follow build script
- CVEs no older than 12 months
- MITRE framework alignment
Up to $500 reward
All minimum requirements and:
- Impeccable exploit chains and overall concepts
- Clear descriptions of the lesson the boxes are designed to teach
- Multi-step
Up to $1,500 reward
All minimum requirements and:
- Impeccable exploit chains and overall concepts
- Clear descriptions of the lesson the boxes are designed to teach
- Multi-step
- Fully functioning set of "grouped" or "chained" VMs
- Realistic penetration testing scenarios only (no CTF-like labs)
Note: Our defense sample is provided as a Bash script to demonstrate the logic, but we require all actual submissions to be written in Python.
Lab submission best practices
Guidelines
All virtual machines submitted to OffSec will be reviewed in detail by our UGC Approval Team. This ensures your submission meets the same high standards that the virtual machines developed in-house do.
You can read these guidelines in detail in our FAQ.
Stipulations
- Only authors with 200 or above level certifications are eligible for bounties greater than $300.
- Only Windows** and POSIX-based operating systems (UNIX/Linux) will be accepted for review at this time. Unfortunately, we cannot accept any other proprietary or commercial operating system submissions.
- Submissions may meet varying levels of completeness, which will impact the compensation offered. We have detailed requirements, including alignment with the MITRE framework, exploitation walkthroughs, and system build scripts for each submission. Submissions that do not meet the requirements may not be accepted. All of this information is detailed in our Submission FAQ.
** We currently accept Windows machines from Windows 8.1 and Windows Server 2012 onward.
Common Scenarios
Submitted systems likely fall into one of two common scenarios:
Capture the Flag (CTF) style targets
These targets offer fun and challenging puzzles but are often not the realistic scenarios you would likely encounter in a real assessment.
Realistic attack or defensive scenarios
These targets provide realistic scenarios of the sort you are likely to find while conducting a modern assessment. These types of labs are our preference.
Tips
OffSec is renowned for our high standards and we apply those same standards to all submissions. Your submission will be reviewed by the UGC Approval Team, who will review every detail of your virtual machine and documentation.
Your compensation will be based on the contents of the submission, including the actual exploit path, the creativity demonstrated, and the completeness of the submission. The more effort you put into your submission the greater the compensation awarded to you.
Please be sure to review our FAQ, which details all requirements for a submission. If you feel you are ready, please use the form below to start the process.
Dos
- Be creative
- Be original
- Try Harder
Don'ts
- Don't submit copied, similar, or otherwise plagiarized content
- Don't overlook the defaults - things like default Apache pages will be frowned upon
- root/toor is not a good password combination for this environment
UGC Submissions
Below is the list of labs that are currently in the queue. We suggest starting with the labs with a status of “wishlist.” If you've submitted a lab, you can check the status below.
Lab | Type | Format | Status |
---|---|---|---|
VaultBreaker | Attack | Standalone | Declined |
PayUpPal | Attack | Standalone | Declined |
Cascade | Attack | Standalone | Declined |
CVE-2024-12215-Kedro-RCE | Attack | Standalone | Declined |
Kickoff | Attack | Standalone | Declined |
Pickled | Attack | Standalone | Declined |
CVE-2025-26014-Loggrove-RCE | Attack | Standalone | Declined |
ChronicleX | Attack | Chain | Declined |
Write | Attack | Cloud | In Review |
KubeSantaBox | Attack | Standalone | Declined |
Escape | Attack | Standalone | Declined |
CVE-2025-1234 | Attack | Standalone | Wishlist |
Submit your machine
OffSec's lab team needs time to thoroughly review your submitted machine. Our submissions review process can take up to four weeks to complete.
We will contact you via email:
- within two days of receiving your submission
- if we require any missing or additional information
- when the review process has been completed