Parrot CTFs: #1 Cyber Security Education & Upskilling Labs

Practical Training in defending enterprise infrastructures

Experience hands-on simulations of actual cyber threats to enhance your skills as a Blue Team defender. Learn effective strategies to safeguard organizational security against real-world attacks.

Blue Team Lagoon Defending the Cyber Realm

At Blue Team Lagoon, we dive deep into the best practices, tools, and strategies used by these cyber defenders. Here, we explore the art of securing digital perimeters, maintaining infrastructure integrity, and safeguarding data confidentiality. With the right approach and the proper tools, a Blue Team can transform any vulnerability into a stronghold.

Network Security Monitoring

Implementation of tools and techniques to continuously monitor the network for suspicious activities and potential vulnerabilities, ensuring a swift and effective response to potential threats.

Security Information and Event Management (SIEM)

Utilization of Security Information and Event Management (SIEM) systems to collect, analyze, and correlate security data from multiple sources, facilitating early detection and effective incident response.

Firewall Implementation and Management

Configuration of firewalls to filter incoming and outgoing network traffic, ensuring that only authorized traffic has access to network resources and protecting against known and unknown network attacks.

Vulnerability Analysis and Patch Management

Ongoing assessment of systems and applications for vulnerabilities through automated and manual scanning, followed by timely application of patches and updates to mitigate security risks.

Identity and Access Management

Implementation of controls to securely manage user identities and privileges within the network, ensuring that only authorized users have access to critical and sensitive resources.

Security Training and Awareness

Educational and awareness programs for staff on cybersecurity best practices, focusing on preventing internal threats and promoting a culture of security throughout the organization.

Parrot CTFs Labs Machines: Put Your Defense Skills to the Test!

One of the best ways to practice and refine Blue Team skills is by solving challenges in controlled environments. Parrot CTFs (Capture The Flag) offers a fantastic platform for training and honing your defensive skills. Parrot provides a variety of Lab Machines designed to simulate real-world cybersecurity scenarios, allowing defenders to tackle attacks, identifying and mitigating vulnerabilities in a safe and controlled setting.

Below, you'll find a series of Pro Lab Machines available in Parrot CTFs, each with its own unique challenges and features to help you perfect your cybersecurity defense and attack skills. Each pro lab machine is configured with different levels of difficulty and attack techniques, ranging from simple intrusions to complex exploits Don’t miss the chance to test your knowledge and take your training to the next level!

Blue Team Lagoon

Keylogger

In the Keylogger Malware Analysis Lab, participants step into the role of a blue teamer, tasked with identifying, analyzing, and neutralizing a keylogger malware threat within a corporate environment. This hands-on lab is designed to simulate a real-world scenario where attackers have deployed a keylogger to secretly capture keystrokes and steal sensitive information. Participants will learn to recognize the signs of keylogger infections, use forensic tools to analyze malicious binaries, and implement effective countermeasures to protect the network from future attacks.

Beginner Lab Difficulty

1 Machines

2 Flags

Explore

KEY LEARNING OUTCOMES

Malware Analysis
Local Network Analysis
TCP Traffic Inspection
Sysinternals Suite
Online Investigations

Attacker

In the Attacker Malware Analysis Lab, participants adopt the role of a blue teamer, focusing on an offline investigation to identify, analyze, and neutralize malware threats. This hands-on lab is designed to simulate a real-world scenario where attackers have deployed malicious executables to compromise a system. Participants will utilize tools such as VirusTotal and other forensic utilities to gather detailed information about the malicious files. Through this lab, they will learn to recognize the signs of malware infections, perform thorough static analysis of executables, and implement effective countermeasures to safeguard the network from future attacks.

Intermediate Lab Difficulty

1 Machines

2 Flags

Explore

KEY LEARNING OUTCOMES

Malware Analysis
Local Analysis
Binary Analysis
Virus Total and Executable Hashes
Offline Investigations

Wazuh SIEM

Wazuh is an open-source security information and event management (SIEM) solution that provides comprehensive security monitoring and management capabilities. It integrates various security tools and techniques to help organizations detect threats, monitor infrastructure, and ensure compliance with security policies. In this lab you will learn how to use a SIEM to identify various malicious actions that have happened on endpoint.

Beginner Lab Difficulty

1 Machines

2 Flags

Explore

KEY LEARNING OUTCOMES

Understanding SIEM Fundamentals
Online Investigations
SOC alerts
Threat Detection and Incident Response
Log management

Snort IDS

In the Snort Blue Team Lab, participants assume the role of a blue team defender tasked with securing a corporate network using Snort, a popular open-source Intrusion Detection System (IDS). This immersive, hands-on lab simulates real-world network security challenges where attackers are attempting to breach the network through various techniques, including port scans, malicious payloads, and suspicious network traffic. Participants will learn to configure and deploy Snort rules, analyze network traffic for indicators of compromise (IoCs), and implement effective detection strategies to identify and respond to potential threats. By the end of the lab, participants will have a solid understanding of how to use Snort to protect an organization from network-based attacks and improve overall security posture.

To use this lab you will need to be connected to the Professional Labs VPN!

Beginner Lab Difficulty

1 Machines

2 Flags

Explore

KEY LEARNING OUTCOMES

Malware Analysis
Local Network Analysis
TCP Traffic Inspection
Local Linux Enviornment
Online Investigations
Intrusion Prevention Systems

Using Autopsy

In the Autopsy Digital Forensics Lab, participants take on the role of a digital forensics investigator tasked with analyzing digital evidence to uncover critical information in a simulated investigation. Using Autopsy, a widely-used, open-source digital forensics platform, participants will work with a provided file to investigate various aspects of its contents, metadata, and potential artifacts. This hands-on lab immerses participants in real-world forensic challenges, allowing them to extract and analyze file system data, recover deleted files, and identify evidence of suspicious or malicious activity. Through practical exercises, participants will gain experience in examining file structures, applying investigative techniques, and generating reports to document findings. By the end of the lab, they will be well-prepared to leverage Autopsy for forensic analysis in real-world scenarios and effectively contribute to digital investigations.

Beginner Lab Difficulty

1 Machines

2 Flags

Explore

KEY LEARNING OUTCOMES

File Recovery
Digital Forensics
Using DFIR Tools
Online Investigations

Get Certified with Parrot CTFs

Unlock your potential and validate your cybersecurity expertise with a Blue Team Lagoon Certification through Parrot CTFs. This certification is designed to recognize your skills in defending against cyber threats, providing you with a tangible credential that proves your proficiency in Blue Team tactics, strategies, and tools.

Blue Team Lagoon Certification

Start your journey towards certification today and prove that you have what it takes to be part of the elite defenders of the cyber world!

Frequently Asked Questions

Blue Teaming involves a group of security professionals focused on defending an organization's information systems against cyber attacks. They monitor, detect, and respond to security incidents, ensuring the protection of the organization's assets. Blue Teams utilize various tools and techniques to identify vulnerabilities, implement security measures, and maintain the integrity, confidentiality, and availability of data. Their goal is to strengthen the organization's defenses, improve incident response capabilities, and ensure compliance with security policies and regulations.

Blue Team Lagoon is a simulated training environment designed to enhance the skills and capabilities of Blue Team professionals. This environment provides realistic scenarios that mimic actual cyber threats, allowing participants to practice and refine their defensive strategies.

Yes. You need to be a VIP subscriber to access these labs. However you only need VIP to access this and all other labs. You can check pricing here.

Your progress remains intact, but access to the lab is restricted. To complete the lab you need to renew your subscription and continue your hacking activities.

Solutions for

Products we offer

Products we offer

Products we offer

Products we offer

Parrot CTFs for Teams

Build cybersecurity talent.

Parrot CTFs for Education

Empower the next generation.

Parrot CTFs for Students

Start your cybersecurity journey.

Compliance-Focused Penetration Testing

NIS2 Compliance - Penetration Testing & Auditing

Parrot CTFs helps companies across Europe meet and maintain NIS2 compliance through trusted, transparent, and repeatable penetration testing. Get detailed audit-ready reports, real-world risk insights, and full lifecycle support.

Job Roles

Industries

Parrot CTFs Use Cases

Customer Stories

Hacking Glossary

Hacking Cheat Sheets

Help Center

Introduction to Parrot CTFs

Community

Get Help

From the Blog

New release: The latest on CVE-2025-29927 – NextJS Vulnerability

Company

Contact us

Connect

Why Parrot CTFs?

Featured News

Level Up Your Active Directory Hacking: Parrot CTFs Now Hosts GOAD by Orange Cyberdefense

Store

Start a free trial

Book a demo

Products we offer

Products we offer

Products we offer

NIS2 Compliance

Products we offer

Parrot CTFs Use Cases

Customer Stories

Hacking Glossary

Hacking Cheat Sheets

Help Center

Introduction to Parrot CTFs

From the Blog

New release: The latest on CVE-2025-29927 – NextJS Vulnerability

Why Parrot CTFs?

Featured News

Level Up Your Active Directory Hacking: Parrot CTFs Now Hosts GOAD by Orange Cyberdefense

Store

Practical Training in defending enterprise infrastructures

Experience hands-on simulations of actual cyber threats to enhance your skills as a Blue Team defender. Learn effective strategies to safeguard organizational security against real-world attacks.

AUTHENTIC

DEFENSIVE

SIMULATIONS

Real Enterprise Enviornments

Active Directory and Cloud

Real World DFIR Scenarios

Blue Team Lagoon Defending the Cyber Realm

Network Security Monitoring

Security Information and Event Management (SIEM)

Firewall Implementation and Management

Vulnerability Analysis and Patch Management

Identity and Access Management

Security Training and Awareness

Parrot CTFs Labs Machines: Put Your Defense Skills to the Test!

Blue Team Lagoon

Keylogger

Attacker

Wazuh SIEM

Snort IDS

Using Autopsy

Get Certified with Parrot CTFs

Blue Team Lagoon Certification

Frequently Asked Questions

What is blue team?

What is Blue Team Lagoon?

Do I need a subscription to access Blue Team Lagoon?