Re: Pentesting lab

[Robin Wood <dninja () gmail com>]

2009/12/24 s3c.b3n <securitybender () gmail com>:
> Hi all,
>
> I'm just starting my career a security specialist. I'm interested in
> creating my own penetration testing lab. To test exploits (metasploit
> epically) I need some targets (vulnerable servers). Are there such
> servers (VM images or ISOs) for general services like OWASP for web
> apps? or are there any scripts or applications that can create those
> vulnerabilities.
>
> My main goal is to get familiar with the existing tools.

Here are a couple of good references:

http://www.irongeek.com/i.php?page=videos/building-a-hacklab
http://pauldotcom.com/2009/12/automating-my-vmware-lab.html

Also look at de-ice, damn vulnerable linux and damn vulnerable web app.

Robin

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------