PaulDotCom mailing list archives

Re: [GPWN-list] Pen Testing Lab Images/Systems setup


From: Julian Makas <jmakas () mimictechnologies com>
Date: Sun, 17 Nov 2013 04:52:01 +0000

We have a couple scenarios in play at my place.

Our "attack lab" has all of the normal pwn-able images (i.e., Metasploitable, DVWA, etc.).

Our "test lab" is 1/2 Fort Knox and 1/2 realistic network based on what we are seeing as a norm amongst our clients.

The Fort Knox side is a sudo war games between our admin group and security group where the realistic side tries to 
mimic a common baseline of what we see going on in our client networks. This gives us some red and blue team benefits.

Attack lab is for training.

Hardened and baseline networks are for training and bragging rights but mostly used for testing engagement scenarios 
where we have to step outside of the box.

What do you need your lab to do for you? Let you train? Let you test PoC and new concepts? Crash your lab box before 
you crash a client's server while on an engagement?

It all depends on what you want to do, but you'll eventually want aspects of all of these.

- J




On Nov 16, 2013, at 7:16 PM, "James Shewmaker" <james () bluenotch com> wrote:


On Sat, Nov 16, 2013 at 2:29 PM, Jamil Ben Alluch <jamil () autronix com> wrote:
Hello,

This may be a recurring question, but I still wanted to get some input.

What kind of systems do you normally use for your pen-testing labs; more specifically, are there pre-set images that 
you use for testing vulnerabilities and practice ("Ready-to-Hack" systems)?


Hi Jamil,

You can get started with vulnhub.com (http://vulnhub.com). They have some free (but hosted via VPN) pre-configured 
scenarios, including some you can download. The vuln-injector program they have is great for weakening a random Windows 
VM so you can experiment with a closer-to-real-world target. There is also our scenario engine, currently in closed 
beta, at bunker011.com (http://bunker011.com) (almost 800 different hosted VMs)--you could try registering and see if 
you get invited. ;)

It would be interesting to see if you could use the free VPN hosted projects, and use dd+netcat to steal them ... 
Interested, not endorsed!

