Home 0P3N Blog Favorite VMs To Practice On
Ready to Start Your Career?
Create Free Account
authors profile image
January 1, 2016

Favorite VMs To Practice On

January 1, 2016
authors profile image
January 1, 2016
Damn Vulnerable Web App -great to learn webapp engagements https://www.vulnhub.com/entry/damn-vulnerable-web-application-dvwa-107,43/ Damn Vulnerable Linux https://www.vulnhub.com/entry/damn-vulnerable-linux-dvl-15-infectious-disease,1/ Great resource for several different VMs to practice against https://www.vulnhub.com/ https://www.hacking-lab.com/index.html There are VMs of varying difficulties here and they even have walk-through if you get stuck. I have included a link on how to build such a lab. https://phoenixts.com/blog/how-to-build-a-virtual-lab-to-hack-computers-legally/ or https://resources.infosecinstitute.com/hacking-lab/#gref This is a great way to improve your skills LEGALLY and get familiar with tools, which we use for day to day work. Those are some good resources. I would also suggest Metasploitable which is an intentionally vulnerable OS designed for use when you are learning to use Metasploit. https://information.rapid7.com/metasploitable-download.html Metasploitable,Metasploitable2, and Metasploitable 3 all very good and there is a walk-through case if anyone gets stuck. Metasploitalbe 3 does require that you build it yourself but there is a howto and it's a Windows 2008 server, so you can practice for Windows! https://github.com/rapid7/metasploitable3 ( Download and build VM instructons) https://tehaurum.wordpress.com/2015/06/13/metasploitable-walkthrough-an-exploitation-guide/ (metasploitalbe) https://goo.gl/EnzHs3 (metasploitable 2) https://two06.blogspot.com/2016/12/metasploitable-3-walkthrough.html (Metasploitalbe 3) I hope this helps as it will give a safe environment for practicing and testing. I am just going to add good lab resources here so homemade lab references can be aggregated in one location. That said I came across a lab for pivoting. http://resources.infosecinstitute.com/pivoting-exploit-system-another-network/ What is pivoting? Pivoting is when for example you land on a client side computer then you use that machine as a launchpad to attacking other network assets. The following is a more detailed example and helps bring the idea home as well as shows examples http://www.blackhillsinfosec.com/?p=4888
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry