Home 0P3N Blog (Idea) Blue-Team Version Of Vuln Hub?
Ready to Start Your Career?
Create Free Account
authors profile image
January 1, 2016

(Idea) Blue-Team Version Of Vuln Hub?

January 1, 2016
authors profile image
January 1, 2016
I've been going through the book "The Basics of Ethical Hacking and Penetration Testing", and recently checked out VulnHub.com to look at other vulnerable Virtual Machines for testing and practice in my lab environment - and then a thought struck me: Would anyone else find it valuable to set up a site where people post Vulnerable virtual machines, and the "points" are awarded by both capturing the flag (i.e. Red Teaming the box) and then also posting a response with a "Secured" version of the Virtual Machine for others to try and penetrate? Points could then accumulate for a certain period of time for the response-machine that is secured the longest? Just curious what others thoughts were on this idea. Erik you might be interested in this https://www.cis.syr.edu/~wedu/seed/labs.html, http://cyberaces.org/, https://trailofbits.github.io/ctf/ , https://ctftime.org/ctf-wtf/. Just a thought. I think a section devoted to setting up your own virtual lab environment for network+ and security+ for people who are on a budget and cannot afford to purchase additional equipment or lab time would be helpful also. I think that creating a brief write-up for setting up your own virtual lab environment would be pretty easy to put together. I'll see if I have the cycles the get it together! Thanks for the pointer to Vuln.Hub.com or Cyberaces, I haven't come across those before so will check them out :) You might also be interested in checking out a site named "Hack.me", aka The house of the rising sandbox, which is a FREE, community based project powered by eLearnSecurity. According to the site intro, its aim is to be the largest collection of "runnable" vulnerable web applications, code samples and CMS's online, all for educational and research purposes. You can find it by searching for Hack.me or by visiting https://hack.me/ Hope this helps, Chambo Thanks for the reply. Correction for site listed https://ctftime.org/ for list of competitions. This site has access to free cisco and juniper router lab time. http://www.sharontools.com/online-lab/. Might be useful to add to free resource list for network+ Cant thank the participants in this forum enough. I just became aware of https://www.vulnhub.com/ a couple of days ago but haven't tried it yet. Hackme and SharonTools are awesome tools for learning. The one I found most interesting is SEED LABS. This one is being used by many schools for testing purposes. Again, thank you to everyone for the postings. Thanx for links to Vuln Hub && Cyber Aces. Wasn't aware of them, especially Cyber Aces. Glad I could help :) I've recently been messing around in my own lab on Kali & Metasploitable2... Now that I've obtained root 7 ways to Sunday on Metasploitable2, it's probably time I either try to harden the Metasploitable2 VM, or find other VMs to attack (or both!)
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry