Clone of https://github.com/rmusser01/Infosec_Reference . For those who would prefer to not be tracked by MS.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

5.0 KiB

Building a Pentest Lab

ToC

General

  • Install AD DS using Powerhsell

  • Pentest Environment Deployer

    • This repo provides an easy way to deploy a clean and customized pentesting environment with Kali linux using vagrant and virtualbox.
  • DumpsterFire

    • Slides
    • The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Resources for VMs

VMs Designed to be Attacked

  • Vulnhub

    • Vulnhub is a website dedicated to cataloging various vulnerable VMs from across the web. It also has a healthy community that creates and submits new VMs on a regular basis. As I write this now, I believe there is around 100 or so different VMs on Vulnhub, so you have a bit of variation.
  • iv-wrt

    • An Intentionally Vulnerable Router Firmware Distribution
  • List of VMs that are preconfigured virtual machines

  • The Hacker Games - Hack the VM before it hacks you

    • I have talked about counterattacks here before, and this system has implemented a number of aggressive anti-hacker measures. In fact, this VM is downright evil. I am probably legally obligated to tell you that it will try to hack you. So if a calculator or message declaring your pwnedness pops up or shows up on your desktop, you asked for it. But dont worry, it wont steal your docs or rm you, it will just demonstrate compromise for the game. To save precious bandwidth, this has been implemented in a minimal tinycore-based VM, and will require VirtualBox to run.

Installing Active Directory

Guides to setting up a Pen test lab: