Lab Setup¶
A proper lab is the foundation of security practice
You can't learn penetration testing on production systems (illegal) and you can't become skilled without hands-on practice. A well-designed lab provides safe , repeatable environments for every skill level
Why a Lab?
- Legal testing environment (your playground)
- Repeatable scenarios (reset and retry)
- Multiple targets (different OS , services , configurations)
- Isolated from production (no accidental damage)
- Document your methodology (progression tracking)
Lab Design Principles
- Isolation - Lab network should not touch production
- Snapshots - Every VM needs clean-state snapshot
- Documentation - Write down IPs, credentials, vulnerabilities
- Resource Planning - RAM and disk space manage growth
- Segmentation - Different networks for different purposes
- Automation - Deploy and reset with scripts
Essential Lab Components
Attack Machine * Kali Linux or Parrot OS * All testing tools pre-installed * Multiple network interfaces
Target Machines * Vulnerable BY DESIGN VMs (Metasploitable, DVWA) * Real-world OS (Windows 10, Ubuntu Server) * Active Directory lab (Domain Controller + Workstations)
Network Infrastructure * Router/firewall (pfsense) * Network monitoring (Security Onion) * Log aggregation (ELK Stack)
Hardware Requirements
| Component | Minimum | Recommended |
|---|---|---|
| CPU | 4 cores | 8+ cores |
| RAM | 16 GB | 32+ GB |
| Storage | 256 GB SSD | 1 TB NVMe |
| Network | Integrated | Dual NIC |
Cloud Lab Options
- TryHackMe (guided rooms with infrastructure)
- HackTheBox (machines and challenges)
- Proving Grounds (PWK-style practice)
- AWS/Azure (deploy vulnerable infrastructure as code)
- DigitalOcean (for custom setups)