Skip to content

VMware

VMware dominates enterprise virtualization
VMware Workstation Pro (desktop) and ESXi/vSphere (enterprise) are industry standards for both production and lab environments

VMware Workstation Pro

Desktop hypervisor for Windows and Linux:

# Install on Linux
sudo apt install vmware-workstation  # Or download from vmware.com
sudo vmware-modconfig --console --install-all  # Build kernel modules

# Key features
# - Snapshots with branching
# - VM encryption
# - Virtual network editor (custom topologies)
# - Unity mode (seamless app integration)
# - USB passthrough
# - Nested virtualization

Creating a VM

  1. File -> New Virtual Machine
  2. Typical (recommended) or Custom
  3. Installer disc image file (ISO)
  4. Guest OS type and version
  5. VM name and location
  6. Disk size (split vs single file)
  7. Customize hardware (CPU, RAM, network, USB)

VMware Network Editor

Access: Edit -> Virtual Network Editor

  • VMnet0 - Bridged (auto or specific NIC)
  • VMnet1 - Host-only (private to host)
  • VMnet8 - NAT (shared IP with port forwarding)
  • VMnet2-7 - Custom networks (internal)

For penetration testing labs: * Set Kali to VMnet8 (NAT for internet) * Set targets to VMnet2 (internal network) * Add host-only for management access

Key CLI Tools

# List running VMs
vmrun list

# Start VM headless
vmrun start /path/to/vm.vmx nogui

# Stop VM
vmrun stop /path/to/vm.vmx

# Take snapshot
vmrun snapshot /path/to/vm.vmx "Clean Install"

# Revert to snapshot
vmrun revertToSnapshot /path/to/vm.vmx "Clean Install"

# Run command in guest
vmrun runProgramInGuest /path/to/vm.vmx -gu user -gp pass "cmd.exe"

VMware ESXi (Enterprise)

Bare-metal hypervisor:

  • Web interface for management (vSphere)
  • Resource pooling (CPU, RAM, storage)
  • High availability and live migration
  • API-driven automation (PowerCLI, SDK)
  • Snapshots and templates
# PowerCLI automation (PowerShell)
Connect-VIServer -Server esxi-host
Get-VM
New-VM -Name "Target" -Template "Win10-Template"
Get-Snapshot -VM "Target"

Security Considerations

  • VMware Tools in guests can be attack surface
  • VM Escape vulnerabilities exist (rare but critical)
  • Shared folders can leak data between host and guest
  • Snapshots consume disk space rapidly
  • Encrypted VMs impact performance