Adversary Lab
TSS Controlled Attack Range
Purpose
The TSS lab is a controlled environment for practicing attack paths, validating defensive controls, testing segmentation, and documenting how traffic should behave before tools are used to confirm it.
Range model
- LAN for normal workstation and service behavior.
- Isolation zone for controlled testing and CTF-style experimentation.
- AD lab for Windows Server, DNS/DHCP, SMB, identity, and domain workflows.
- DMZ concepts for exposed-service thinking, reverse proxy patterns, and traffic inspection.
Security value
This range shows systems thinking: routes, zones, rules, attack surface, expected traffic, denied traffic, and evidence collection. It is a small environment built to force enterprise-style reasoning.
Operating principle
Build the architecture, abuse the architecture, document the result, and improve the architecture.