Forum Thread: Creating the Perfect Hacking Lab

I plan on creating the perfect hacking lab.

Any suggestions?

Thank you for replying.

Things I am going to do so far-

Microsoft Windows XP VM
Microsoft Windows Server 2003 VM
Microsoft Windows Vista VM
Microsoft Windows 7 VM
Microsoft Windows 8.1 VM
Metasploitable VM
Backtrack 5 R3 VM
Kali 2.0 VM

Kali Dual boot with Mac

-Creating clean templates for all VM and storing on hard drive

14 Responses

I'll give you the specs of my virtual hacking lab:

  • One attacking machine (Kali or Parrot)
  • Windows XP machine with firewall & AV disabled
  • Windows XP machine with firewall & AV enabled
  • Windows 7 machine with firewall & AV disabled
  • Windows 7 machine with firewall & AV enabled
  • Windows 8.1 machine with firewall & AV disabled
  • Windows 8.1 machine with firewall & AV enabled
  • Ubuntu & Debian of various versions
  • Metasploitable 2

Take note that these machines also have old apps installed on them that are vulnerable. I also didn't include the AV's and firewall configurations and other things because they need to be changed according to what you are planning to do.

I am also looking for a way to add an Android emulator.

-Phoenix750

I think you could just join something online. 9 systems...maybe that's too much. Somewhere between 'enough' and 'perfect', I'd say.

Of course, you can add more to it. You don't have any real server OS except Debian. I suggest Win Server 2003 & 2008, CentOS, CloudLinux, Hackintosh, Fedora, and maybe some more.

-The Joker

I am going to get a new 2TB drive, and will probably put those OS's on there as VM's. Thanks for the suggestion!

-Phoenix750

If you want to add Android to your lab, I might suggest you look into android-x86. That might not fit all your development and reversing need, as it's not built on native arm, but for other things it will work just fine.

Otherwise, I'd suggest you get a live device (broken screen or earphone, old phone, cheap used, anything that goes for around 50eur) and use vnc / ssh / adb to control it and do whatever you want from your linux or win pc. This is because sometimes you need a real device to get your things working correctly.

VNC plus miscosoft RPC but it's the idea ok MR Kevin Mitnick:
«You can have the best security but if an hacker takes hand on your PC it's no longer your's.»

Good forum idea!
I've always dreamed of making my own hacking lab.

Even though I love virtual machines, I find it would be much safer (for forensic purposes) to use everything on a usb. I would also have a couple monitors on a desk and a couple different wireless cards to do testing.

Thanks again for the good post.

Yea i wanted to do something like multiboot from a usb hdd with SHA test and password to start an image, any advice on the tools to use ?

Install the OS directly to your USB drive with ''full disk encription'' on installation.

Keep it simple and practical. I'm on this at ~6 years and i tell you my opinion, it's just an opinion. You has 2 modes of hacking ...Local or Remote.

For LOCAL you must know who vulnerability discovery+exploitation work, my best results have been made using SET (Social Engineering Toolkit -Kali) with the option ''infectious media generator'' and with ''QRcode'' i've printed the QRcode and made a flyer on the shopping with 'promotion at cinema' so i can get someone to scan it.

For REMOTE you must desautenticate from your home router and have a device connected to it (your target). So you must bypass the router auth and then vulnerability assesment again.

THAT'S ALL YOU NEED, don't wast PC resources with a lot of things, your time still be more valuable than your PC, remember it.

Share Your Thoughts

  • Hot
  • Active