Since working through and reviewing Wilhelm’s ‘Professional Penetration Testing’ I’ve been trying to build up and improve my personal lab environment, still running ESXi and still running on my HP ProLiant ML110. Having just about got all of my target machines in place, I thought this would be a good place to list the machines in my lab, and to share the sources for others looking for a test environment themselves.
Off the back of the Professional Penetration Testing book I include the machines created and maintained on Heorot.net:
- The De-ICE LiveCDs – Example target machines, goal is to gain root access.
- Hackerdemia – “The Hackerdemia Project is a LiveCD that provides both an instructional platform (in the form of a wiki) and an attack target to practice newly acquired skills.”
- pWnOS – Target machine created by a member of Heorot.net forums, Bond00.
The recent release of Metasploit Unleashed has provided an excellent new source of information for anyone looking to learn the ins and outs of the Metasploit framework. The material provides a guide for setting up two targets used throughout the courseware:
- An XP machine from NIST’s FDCC project, with instructions for downgrading the security and running SQL Express
- An Ubuntu 7.04 machine running Samba
From my own experimentation I also run:
- Two XP machines (SP1 & SP2) – mainly used for malware analysis
- A Debian 4.0 victim – for working with Linux exploits and shellcode
- BackTrack 4 – as an attack platform
- LiveCD – Used for running additional LiveCDs in the lab that aren’t permanent residents, often Samurai or Helix (before it went commercial)
For most testing I will run only a handful of the above machines at any one time, just whatever is necessary for a particular scenario. However, I am able to run all the above at the same time to test scanning and information gathering tools such as nmap and Nessus.
If you’re looking to develop information security skills and get hands-on experience using the relevant tools and techniques, I’d fully suggest reading through the links above. The amount and quality of freely available information is outstanding, and as my kit proves, it doesn’t take great hardware to take advantage.
— Andrew Waite
<Update>If you’re running a Mac, take a look at phenotyne’s post for getting similar environments working on Apple hardware.</Update>