https://github.com/stratosphereips/stratocyberlab

A Cyber Range to learn hacking (both attacking & defending) techniques locally in your computer
https://github.com/stratosphereips/stratocyberlab

attack cvut cyber-range cyber-security cyberrange cybersecurity defense education hacking infosec introduction-to-security master-class playground

Last synced: about 1 month ago
JSON representation

A Cyber Range to learn hacking (both attacking & defending) techniques locally in your computer

• Host: GitHub
• URL: https://github.com/stratosphereips/stratocyberlab
• Owner: stratosphereips
• License: gpl-2.0
• Created: 2024-04-25T14:10:30.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2025-12-11T09:46:07.000Z (3 months ago)
• Last Synced: 2025-12-12T09:34:17.431Z (3 months ago)
• Topics: attack, cvut, cyber-range, cyber-security, cyberrange, cybersecurity, defense, education, hacking, infosec, introduction-to-security, master-class, playground
• Language: Python
• Homepage: https://cybersecurity.bsy.fel.cvut.cz/
• Size: 13.2 MB
• Stars: 105
• Watchers: 10
• Forks: 36
• Open Issues: 4
• Metadata Files:
  • Readme: README.md
  • Contributing: .github/CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: .github/CODE_OF_CONDUCT.md
  • Citation: CITATION.cff
  • Security: .github/SECURITY.md

Awesome Lists containing this project

• awesome-starts - stratosphereips/stratocyberlab - A Cyber Range to learn hacking (both attacking & defending) techniques locally in your computer (cybersecurity)

README

          
StratoCyberLab




  



StratoCyberLab (SCL) is a local cyber range to test and practice your offensive and defensive cybersecurity skills. It was developed by the [Stratosphere Laboratory](https://www.stratosphereips.org/) with two primary goals:

* To allow anyone to run local capture-the-flag challenges (_think HackTheBox, but local on your computer!_).

* To set up local security environments for students of the [Introduction to Security class](https://cybersecurity.bsy.fel.cvut.cz/) to follow weekly classes and practice hacking.






  



## Features

* 🔒 Local-only. No cloud. No tracking. No login. No data collection.

* ⚙️ Easy-To-Use. Only Docker required and a single command to start the lab.  

* 🧩 Many cybersecurity exercises in the form of CTF challenges.

* 🎓 Predefined network and service environments for students of the [Introduction to Security class](https://cybersecurity.bsy.fel.cvut.cz/).

* 🐳 The lab runs using Docker containers on shared virtual network(s).

* 🛠️ A container is created for you as your attacking machine. Install any tools you want without modifying your host computer.

* 🌐 A web interface to manage challenges and play.

* 💻 Solve all challenges from the web interface using the built-in WebSSH terminal.

* 🤖 AI-assisted: the web interface includes a local LLM chat (using _Ollama_) to assist your hacking. You can choose any Ollama model.

## Requirements

### Hardware

Resource consumption depends heavily on user actions. We do not recommend starting all challenges at once, as this may require significant compute by generating a lot of network traffic and starting many services.

We estimate the minimum requirements to be **3 GB of disk** space and **2 GB of spare RAM**. (Note: downloading an LLM model will require additional disk space depending on the model.)   

### Software

The only requirement to run SCL is to have `docker (v>20.10)` installed.

## How to start

1. To start the lab, run:

```bash

git clone https://github.com/stratosphereips/stratocyberlab.git

cd stratocyberlab

docker compose up

```

This uses the already prepared [docker-compose.yml](./docker-compose.yml) file to start three services:

* `hackerlab` — a container with SSH and core utilities for hacking

* `dashboard` — a web interface to start/stop challenges, submit flags, control Ollama, etc.

* `ollama` — a container that optionally handles the local LLM models

2. After the lab bootstraps, navigate in your browser to [http://127.0.0.1/](http://127.0.0.1/) to access the lab dashboard. 

3. Read the welcome message and solve a Hello World challenge to verify your setup is working correctly.

4. Hack the world!

### Troubleshooting

**Q: I pulled new updates but the lab is running the old version.**  

**A:** Depending on the changes, sometimes it’s required to force Docker to rebuild and/or restart the containers. Re-run the lab using: `docker compose up --build --force-recreate`.  

**Q: I see a _REMOTE HOST IDENTIFICATION_ warning when trying to SSH into the `hackerlab` container.**  

**A:** The ID of the `hackerlab` container is regenerated when the container is recreated. Add `-o UserKnownHostsFile=/dev/null` to your SSH command to fix the issue.

**Q: I have a Windows OS and the challenges are not working correctly for me.**  

**A:** Git for Windows uses _CRLF_ line endings by default, which may break some designed functionality. Either replace all _CRLF_ line endings with _LF_ or set this behavior globally in Git using these commands (note that you have to re-clone the repository after making this change to take effect):

```bash

git config --global core.autocrlf false

git config --global core.eol lf

```

## Development

We appreciate all **PRs** with **new challenges** or bug fixes.

Please refer to a separate Development documentation at [./docs/development.md](./docs/development.md).

## Architecture Diagram

![StratoCyberLab (SCL) - Architecture](https://github.com/user-attachments/assets/182aebd9-0488-45bb-80db-32e97decc7a7)