Building a Lab

Table of Contents


General

  • This page is supposed to be a collection of resources for building a lab for performing various security related tasks. Generally, the idea is that you setup a local VM hypervisor software(VMware, Virtualbox) and then install a virtual machine to perform testing and analysis without any impact to your "physical" machine.

Virtual Machines

  • 101

  • VM Hypervisor Software

  • Obtaining VMs

  • Automated Lab/Machine Creation Tools

    • Security Scenario Generator (SecGen)](https://github.com/cliffe/SecGen)
      • SecGen creates vulnerable virtual machines so students can learn security penetration testing techniques. Boxes like Metasploitable2 are always the same, this project uses Vagrant, Puppet, and Ruby to create randomly vulnerable virtual machines that can be used for learning or for hosting CTF events.
    • Detection Lab
      • Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices. This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.
    • Set up your own malware analysis lab with VirtualBox, INetSim and Burp - Christophe Tafani-Dereeper
    • CyRIS: Cyber Range Instantiation System
      • CyRIS is a tool for facilitating cybersecurity training by automating the creation and management of the corresponding training environments (a.k.a, cyber ranges) based on a description in YAML format. CyRIS is being developed by the Cyber Range Organization and Design (CROND) NEC-endowed chair at the Japan Advanced Institute of Science and Technology (JAIST).
  • VMs Designed to be Attacked

    • List of VMs that are preconfigured virtual machines
    • The Hacker Games - Hack the VM before it hacks you
      • I have talked about counterattacks here before, and this system has implemented a number of aggressive anti-hacker measures. In fact, this VM is downright evil. I am probably legally obligated to tell you that it will try to hack you. So if a calculator or message declaring your pwnedness pops up or shows up on your desktop, you asked for it. But don’t worry, it won’t steal your docs or rm you, it will just demonstrate compromise for the game. To save precious bandwidth, this has been implemented in a minimal tinycore-based VM, and will require VirtualBox to run.
    • Docker
    • Exploit Development
      • exploit_me
        • Very vulnerable ARM application (CTF style exploitation tutorial for ARM, but portable to other platforms)
    • Router
      • iv-wrt
        • An Intentionally Vulnerable Router Firmware Distribution
    • Thick Client
    • Web Application Focused
      • OWASP Broken Web Applications Project
        • OWASP Broken Web Applications Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.
      • OWASP Juiceshop
      • OWASP Damn Vulnerabl Web Sockets
        • OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the ones listed in the application.
      • Damn Vulnerable Web App
        • Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.
      • Damn Small Vulnerable Web
        • Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports majority of (most popular) web application vulnerabilities together with appropriate attacks.
      • vulnerable-api
      • django.nV
        • django.nV is a purposefully vulnerable Django application provided by nVisium.
      • node.nV
        • Intentionally Vulnerable node.js application
      • goat.js
        • Tutorial for Node.js security
      • MoneyX
        • MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.
      • grails_nV
        • grails_nV is a vulnerable jobs listing website.
      • RailsGoat
        • RailsGoat is a vulnerable version of the Ruby on Rails Framework from versions 3 to 5. It includes vulnerabilities from the OWASP Top 10, as well as some "extras" that the initial project contributors felt worthwhile to share. This project is designed to educate both developers, as well as security professionals.
      • File scanner web app (Part 1 of 5): Stand-up and webserver
      • OWASP DevSlop Project
        • collection of DevOps-driven applications, specifically designed to showcase security catastrophes and vulnerabilities for use in security testing, software testing, learning and teaching for both developers and security professionals.

Setting up ActiveDirectory Focused Labs


Building a Pen test lab