Windows, Linux, Kali and Android labs
Windows ReverseLab, Windows PentestLab, Linux ReverseLab, Linux PentestLab, Kali Linux PentestLab and Android Lab environments.
RxCloud CyberLab is a free and open malware sandbox built for researchers, AV testers, pentesters, and reverse engineers. Launch isolated Windows, Linux, Kali and Android labs in seconds, collect telemetry automatically, and work from anywhere through your browser.
Designed from scratch in Alsace, France, RxCloud CyberLab focuses on accessible Windows, Linux, Kali and Android Lab environments, strong isolation, and practical workflows for cybersecurity researchers.

Cutting-edge environments without paywalls, artificial friction, or complex onboarding.

Open a browser, authenticate, and access your lab through browser-based RDP / HTML5 with no local setup.

Each environment is segmented behind pfSense with monitored network activity and controlled exposure.
The goal is simple: remove friction, preserve safety, and give researchers a polished environment that is actually pleasant to use.
From malware detonation to telemetry review, RxCloud brings together browser access, isolated Windows, Linux, Kali and Android environments, automated capture, Atlas behavior mapping, and final reporting into one coherent workflow.
Balanced access that keeps the platform available to everyone.
CPU, RAM, network, storage, behavior, and artifacts in one flow.
Distributed Master + Node2 + Node3 capacity across Windows, Linux, Kali and Android labs.
Logs, observed behavior, and IoCs summarized at the end of the session.
The platform is engineered to provide fast access, strong isolation, and predictable behavior across every session.
Windows ReverseLab, Windows PentestLab, Linux ReverseLab, Linux PentestLab, Kali Linux PentestLab and Android Lab environments.
Master + Node2 + Node3 architecture with per-lab VLANs, monitored traffic, and controlled exposure. Node3 is a dedicated Android Lab node hosted by OVHcloud in Gravelines, France.
Apache Guacamole brings browser-based RDP / HTML5 access, with PDF/JSON reports and Atlas behavior maps after sessions.
Made in France, made in Alsace, and built from scratch with one core idea: give researchers a free, open, isolated cyberlab they can actually use.
RxCloud CyberLab started as a technical challenge and grew into a real platform: browser access, isolated VLANs, multi-node lab capacity, monitoring, PDF reports, and a workflow tailored to malware research.
No corporate committee. No investor-driven roadmap. Just a developer focused on building something useful, serious, and accessible.
For general inquiries, partnerships, media requests, or technical questions about the platform.
Whether you are a researcher, a pentester, a curious analyst, or someone interested in the project, you can use this channel to get in touch.
Everything you need to know about RxCloud CyberLab before getting started.
Editor: RoxasDev | RxCloud CyberLab — Independent Project (Alsace, France)
Hosting: OVHcloud - European Union infrastructure (France & Germany). Core services and user data are operated from France; Node2 is a remote compute node for Windows, Linux and Kali lab VMs in Germany; Node3 is a dedicated Android Lab node hosted in Gravelines, France.
Contact: contact@rxcloud.fr
Terms of Use: By using RxCloud CyberLab, you agree to the Terms of Use available on the dashboard.
GDPR: Personal data such as name, email address, account information, technical usage logs, session metadata, uploaded sample metadata, generated reports and security-related logs may be processed only for account access, platform security, abuse prevention, fair use and service operation. Data is hosted securely within the European Union, including France and Germany through OVHcloud infrastructure. You may request access, rectification, restriction or deletion by contacting contact@rxcloud.fr.
Disclaimer: RxCloud CyberLab is provided for research, education, malware analysis, antivirus testing and defensive cybersecurity purposes only. The creator and operators cannot be held responsible for user actions, misuse of the Platform, illegal activity performed by users, or damages resulting from executing malicious, unsafe or unstable software inside the sandbox environment.