I wonder if https://labs.play-with-docker.com/ can be used for a simple brute force DDOS attack or other similar exploits.
There are a lot of web sites out there that cannot and are not designed to support a lot of users. Maybe they are not intended to.
It would be trivial to launch an heavy traffic generator from a play-with-docker instance, without being tracked.
Are there any measure in place to avoid that?