Pentest labs to-go

[jean () krogh biz]

Hi all

I have a few questions regarding pentest labs.
I have personally learned alot from using some of the available pentest lab live'cds such as De-ICE, pwnOS, webgoat and 
DVL. 
One of the things I like about the live-cd labs, is the chance to try out new tools in a protected environment. And 
then of course to find the solution to the challenge. 

Now I am thinking about creating som ready-made labs for others to use. 

But what do you think makes up a good lab challenge? 
Is it a great and evolving story? And in this case which kinds of stories would be interesting? Unreal scenarios 
involving CIA, MI6, mafiosos, and somebody wanting world domination, or rather realistic pentest audition scenarios, 
like we see on our jobs? 

Is it more interesting to try-out newly found exploits on standard software/OS/Frameworks? 

Who do you think will be interested in playing with the pentest labs? Seasoned pentesters, college-students, 
script-kiddies?

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------