Home page logo

pauldotcom logo PaulDotCom mailing list archives

Re: [GPWN-list] Pen Testing Lab Images/Systems setup
From: Robin Wood <robin () digininja org>
Date: Wed, 27 Nov 2013 17:15:26 +0000

Did this happen in the end? Did anyone get a recording of it as I couldn't
get to it.

On 18 Nov 2013 17:41, "Hirt, Rand W" <Rand.Hirt () providence org> wrote:

 *How To Build Your Own Low Cost HackLab – FREE Webinar*

Thursday, November 21, 2013 1:00 PM - 3:00 PM EST




*From:* gpwn-list-bounces () lists sans org [mailto:
gpwn-list-bounces () lists sans org] *On Behalf Of *xgermx
*Sent:* Monday, November 18, 2013 7:51 AM
*To:* Jamil Ben Alluch
*Cc:* PaulDotCom Security Weekly Mailing List; gpwn-list () lists sans org
*Subject:* Re: [GPWN-list] Pen Testing Lab Images/Systems setup

Sorry, I don't have a direct link but, Joe McCray is hosting a "Building A
Low Cost HackLab" webinar this week.
(It was rescheduled from last week to this week). Keep an eye on Twitter;
I'll update this thread with the link when it's shared.

On Sun, Nov 17, 2013 at 9:13 AM, Jamil Ben Alluch <jamil () autronix com>

Thank you all for all the great responses. Lots of information here!

I appreciate it greatly.

Best Regards,


Jamil Ben Alluch, B.Ing., GCIH


*jamil () autronix com* <http://www.autronix.com>

*+1-819-923-3012* <http://www.autronix.com>


On Sun, Nov 17, 2013 at 9:34 AM, Joseph Brand <*joe () joebrand net*> wrote:<http://www.autronix.com>

TechNet was replaced with free to download 180 day trials so you can still
get access to ISOs and install MS stuff.  Just a pain to rekey, or mess
with changing the OS date / time settings to keep it within the trial.

I like to run a couple of the recent versions at home for trial scans and
finding ways in.

Joe <http://www.autronix.com>

*From: Robin Wood Sent: 11/17/2013 9:03 AM To: Ed Skoudis Cc:
gpwn-list () lists sans org Subject: Re: [GPWN-list] Pen Testing Lab
Images/Systems setup <http://www.autronix.com>*

On 17 November 2013 13:46, Ed Skoudis <*ed () counterhack com*> wrote:
Great stuff, guys!

You also may want to check out the mind map by Aman Hardikar .M.  Great


He allowed us to put it on the SANS Pen Test poster, and I'm very
for that.


If asked last year I'd have suggested MS TechNet as a great way to get
licences for most MS products but they have cancelled that program now
so can't subscribe any more :(

I would suggest though looking through some of the MS tutorials on how
to set up their tools, for example this on SharePoint
*http://technet.microsoft.com/en-us/library/jj658588.aspx* . It tells
you how MS would expect the systems to be set up so gives you a good
idea of the base level for a lot of builds.


On Nov 16, 2013, at 11:52 PM, Julian Makas <
*jmakas () mimictechnologies com*>

We have a couple scenarios in play at my place.

Our "attack lab" has all of the normal pwn-able images (ie.
DVWA, etc.).

Out "test lab" is 1/2 Fort Knox and 1/2 realistic network based on what
are seeing as a norm amongst our clients.

The Fort Knox side is a sudo war games between our admin group and
group where the realistic side tries to mimic a common baseline of what
see going on in our client networks. This give us some red and blue team

Attack lab is for training.

Hardened and baseline networks are for training and bragging rights but
mostly used for testing engagement scenarios where we have to step
of the box.

What do you need your lab to do for you? Let you train? Let you test poc
new concepts? Crash your lab box before you crash a clients server while
an engagement?

It all depends on what you want to do, but you'll eventually want
aspects of
all of these.

- J

Sent from my iPhone

On Nov 16, 2013, at 7:16 PM, "James Shewmaker" <*james () bluenotch com*>

On Sat, Nov 16, 2013 at 2:29 PM, Jamil Ben Alluch <*jamil () autronix com*>


This may be a recurring question, but I still wanted to get some input.

What kind of systems do you normally use for your pen-testing labs; more
specifically, are there pre-set images that you use for testing
vulnerabilities and practice ("Ready-to-Hack" systems)?

Hi Jamil,

You can get started with *vulnhub.com*. They have some free (but hosted
VPN) pre-configured scenarios, including some you can download. The
vuln-injector program they have is great for weakening a random Windows
so you can experiment with a closer-to-real-world target. There is also
scenario engine, currently in closed beta, at *bunker011.com* (almost
different hosted VMs)--you could try registering and see if you get

It would be interesting to see if you could use the free VPN hosted
projects, and use dd+netcat to steal them ... Interested, not endorsed!

gpwn-list mailing list
*gpwn-list () lists sans org*

gpwn-list mailing list
*gpwn-list () lists sans org*

gpwn-list mailing list
*gpwn-list () lists sans org*

gpwn-list mailing list
*gpwn-list () lists sans org*

gpwn-list mailing list
*gpwn-list () lists sans org*


gpwn-list mailing list
*gpwn-list () lists sans org*



This message is intended for the sole use of the addressee, and may
contain information that is privileged, confidential and exempt from
disclosure under applicable law. If you are not the addressee you are
hereby notified that you may not use, copy, disclose, or distribute to
anyone the message or any information contained in the message. If you have
received this message in error, please immediately advise the sender by
reply email and delete this message.

gpwn-list mailing list
gpwn-list () lists sans org

Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]