Question about Pen Testing labs and vulnerable images

This topic contains 5 replies, has 4 voices, and was last updated by  veritas_libertas 4 years, 7 months ago.

  • Author
  • #8777

    I recently created a Pen Testing lab on an ESXI host at home. Currently I have the Metasploitable and the OWASP Broken Web Application images. Are there any others I should be aware of? I guess for that matter, what do you experienced pen testers do to lab at home?

  • #54072
  • #54073


    M0wgli, do you use a lab at home? What’s your approach to learning?

  • #54074

    I guess it all depends on your interests and level of knowledge. Are you more interested in Web App / Network pentesting, or maybe exploit dev etc. ?
    Besides the mentioned resources also try to include some windows targets in your environment ( win xp, win server 2000 etc.). One great book that walks you through building a lab and teaches you the fundamentals of pentesting is Penetration Testing: A Hands-On Introduction to Hacking, which was reviewed on EH-Net.

    For Linux exploitation you can try Exploit Exercises,
    as well as Corelan for Windows exploit writing.

    Hope this helps and gives you an idea to move forward ! Best of luck !

  • #54075

    Have a look at this, if you’re wanting to setup more ‘pre-built’ labs / images for practice. I found a few that were invalid links, before, but for the most part, they were all good.

  • #54076

    At this time my interest is in the Network Penetration side. I want to eventually expand, but only after I have a good grasp on Network pen testing.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?