Penetration Testing mailing list archives
Re: Pentesting lab
From: Scott <opiesan () gmail com>
Date: Tue, 29 Dec 2009 13:43:01 -0500
I recommend the De-ICE CD's as a good starting point. Not only are they designed to be vulnerable, there's also a framework/course based on attacking them www.de-ice.net You can also check out Damn Vulnerable Linux although I've never used it. http://www.damnvulnerablelinux.org/ If you want to focus on web application testing then give Webgoat a try as well. http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project Lastly, try searching the list archives on this topic. I've seen it come up many times in the past and you'll likely find a wealth of excellent responses and suggestions in the previous threads. Good luck. Scott On Thu, Dec 24, 2009 at 9:09 AM, s3c.b3n <securitybender () gmail com> wrote:
Hi all, I'm just starting my career a security specialist. I'm interested in creating my own penetration testing lab. To test exploits (metasploit epically) I need some targets (vulnerable servers). Are there such servers (VM images or ISOs) for general services like OWASP for web apps? or are there any scripts or applications that can create those vulnerabilities. My main goal is to get familiar with the existing tools. Thanks -- s3c b3n ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Pentesting lab s3c.b3n (Dec 29)
- Re: Pentesting lab Chris Griffin (Dec 29)
- Re: Pentesting lab Curt Shaffer (Dec 29)
- Re: Pentesting lab Felipe Martins (Dec 29)
- Re: Pentesting lab Scott (Dec 29)
- Re: Pentesting lab Robin Wood (Dec 29)
- RE: Pentesting lab Amardeep Singh (Dec 29)
- Re: Pentesting lab John Holbrook (Dec 29)
- Re: Pentesting lab Robert Portvliet (Dec 29)