Re: [GPWN-list] Pen Testing Lab Images/Systems setup

[Jamil Ben Alluch <jamil () autronix com>]

Thank you all for all the great responses. Lots of information here!

I appreciate it greatly.

Best Regards,

--
Jamil Ben Alluch, B.Ing., GCIH
<http://www.autronix.com>
jamil () autronix com
+1-819-923-3012


On Sun, Nov 17, 2013 at 9:34 AM, Joseph Brand <joe () joebrand net> wrote:

> TechNet was replaced with free to download 180 day trials so you can still
> get access to ISOs and install MS stuff.  Just a pain to rekey, or mess
> with changing the OS date / time settings to keep it within the trial.
>
> I like to run a couple of the recent versions at home for trial scans and
> finding ways in.
>
> Joe
> ------------------------------
> From: Robin Wood
> Sent: 11/17/2013 9:03 AM
> To: Ed Skoudis
> Cc: gpwn-list () lists sans org
> Subject: Re: [GPWN-list] Pen Testing Lab Images/Systems setup
>
>
> On 17 November 2013 13:46, Ed Skoudis <ed () counterhack com> wrote:
> > Great stuff, guys!
> >
> > You also may want to check out the mind map by Aman Hardikar .M.  Great
> > stuff.
> >
> > http://www.amanhardikar.com/mindmaps/Practice.html
> >
> > He allowed us to put it on the SANS Pen Test poster, and I'm very
> grateful
> > for that.
> >
> > --Ed.
>
> If asked last year I'd have suggested MS TechNet as a great way to get
> licences for most MS products but they have cancelled that program now
> so can't subscribe any more :(
>
> I would suggest though looking through some of the MS tutorials on how
> to set up their tools, for example this on SharePoint
> http://technet.microsoft.com/en-us/library/jj658588.aspx . It tells
> you how MS would expect the systems to be set up so gives you a good
> idea of the base level for a lot of builds.
>
> Robin
>
> > On Nov 16, 2013, at 11:52 PM, Julian Makas <jmakas () mimictechnologies com
> >
> > wrote:
> >
> > We have a couple scenarios in play at my place.
> >
> > Our "attack lab" has all of the normal pwn-able images (ie.
> metasploitable,
> > DVWA, etc.).
> >
> > Out "test lab" is 1/2 Fort Knox and 1/2 realistic network based on what
> we
> > are seeing as a norm amongst our clients.
> >
> > The Fort Knox side is a sudo war games between our admin group and
> security
> > group where the realistic side tries to mimic a common baseline of what
> we
> > see going on in our client networks. This give us some red and blue team
> > benefits.
> >
> > Attack lab is for training.
> >
> > Hardened and baseline networks are for training and bragging rights but
> > mostly used for testing engagement scenarios where we have to step
> outside
> > of the box.
> >
> > What do you need your lab to do for you? Let you train? Let you test poc
> and
> > new concepts? Crash your lab box before you crash a clients server while
> on
> > an engagement?
> >
> > It all depends on what you want to do, but you'll eventually want
> aspects of
> > all of these.
> >
> > - J
> >
> >
> >
> > Sent from my iPhone
> >
> > On Nov 16, 2013, at 7:16 PM, "James Shewmaker" <james () bluenotch com>
> wrote:
> > On Sat, Nov 16, 2013 at 2:29 PM, Jamil Ben Alluch <jamil () autronix com>
> > wrote:
> > > Hello,
> > >
> > > This may be a recurring question, but I still wanted to get some input.
> > >
> > > What kind of systems do you normally use for your pen-testing labs; more
> > > specifically, are there pre-set images that you use for testing
> > > vulnerabilities and practice ("Ready-to-Hack" systems)?
> > Hi Jamil,
> >
> > You can get started with vulnhub.com. They have some free (but hosted
> via
> > VPN) pre-configured scenarios, including some you can download. The
> > vuln-injector program they have is great for weakening a random Windows
> VM
> > so you can experiment with a closer-to-real-world target. There is also
> our
> > scenario engine, currently in closed beta, at bunker011.com (almost 800
> > different hosted VMs)--you could try registering and see if you get
> invited.
> > ;)
> >
> > It would be interesting to see if you could use the free VPN hosted
> > projects, and use dd+netcat to steal them ... Interested, not endorsed!
> >
> >
> > _______________________________________________
> > gpwn-list mailing list
> > gpwn-list () lists sans org
> > https://lists.sans.org/mailman/listinfo/gpwn-list
> >
> > _______________________________________________
> > gpwn-list mailing list
> > gpwn-list () lists sans org
> > https://lists.sans.org/mailman/listinfo/gpwn-list
> >
> >
> >
> > _______________________________________________
> > gpwn-list mailing list
> > gpwn-list () lists sans org
> > https://lists.sans.org/mailman/listinfo/gpwn-list
> _______________________________________________
> gpwn-list mailing list
> gpwn-list () lists sans org
> https://lists.sans.org/mailman/listinfo/gpwn-list
>
> _______________________________________________
> gpwn-list mailing list
> gpwn-list () lists sans org
> https://lists.sans.org/mailman/listinfo/gpwn-list
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com