Marionette is a realistic, OSCP-Like, story-driven vulnerable Linux machine that simulates common security mistakes found in small development and operational environments.
⚠️ This machine is intentionally vulnerable and is meant only for educational use.
The lab focuses on:
- Understanding Wordpress vulnerabilities
- Exploiting Poor credential handling
- Basic python programming
- Abusing user delegation mishandling
- Exploiting Privilege escalation through unsafe scripting practices
All attack paths are grounded in real-world scenarios rather than artificial CTF tricks.
- Virtualization Platform: VirtualBox (7.0 or higher)
- RAM: Minimum 2GB (4GB recommended)
- Disk Space: 10GB available storage
- Networking: DHCP enabled (create an issue if you're facing errors)
If you get stuck while working through Marionette, check out the Writeup.md file for a complete walkthrough and solutions.