If you want to dive into Ethical Hacking, Penetration Testing, or become a bug bounty hunter, you will need a Virtual Penetration Testing Lab. In this post, we will handle precisely that. Setting up a virtual penetration testing lab and look at the differences between virtualization and cloud technology.
Why Setup a Virtual Penetration Testing Lab?
A virtual penetration testing lab creates a safe and convenient environment for ethical hackers to sharpen their skills and test the various security tools available in the cybersecurity field. However, it provides much more than just convenience.
It gives users a legal platform to test their software. As a rule, you can’t just go out there and start hacking web systems and software without administrative permission from the owner. It is considered illegal, and depending on a country’s laws; you can even be jailed. For example, individuals who violate the Computer Fraud and Abuse Act (CFAA) are liable to a five-or ten-year jail term with fines included. Therefore, a virtual lab acts as a haven to practice your skills without compromising other people’s digital systems.
One more advantage of a virtual lab is that it isolates you from real-world systems and even your host machine. Some attacks carried out while practicing ethical hacking can seriously impact the network and the system itself. For example, if you are handling Malware Analysis, you will deal with real-world viruses. If these viruses happen to leak to an external system or even your computer, they will have a severe impact, and in some cases, the damage might be irreversible. With a virtual lab, you are assured that you are working within a confined environment, and only the target system will be impacted.
The puzzle that comes with setting up a virtual lab is whether to use Physical devices, virtualization technology, or a mix of both. Let’s look at the differences between the two.
Physical Hardware vs. Virtualization
When setting up a virtual lab, you can decide to use Physical hardware or Virtualization. The main difference between the two scenarios is cost. However, both have their advantages and disadvantages.
With physical hardware, you will need PCs to hold your target machines (Victim machine) and your Exploitation OS/tool (Attacker machine). You will also need additional devices like routers and switches to create a personal network that is completely isolated from the outside network.
On the other hand, virtualization technology allows you to run an instance of a computer system in a layer utterly abstracted from the primary hardware. That is made possible by using some of the popular virtualization software we have in the market, like VMware and Virtual Box. For example, if you are running a Windows system, you can install VMware and run Kali Linux inside your Windows OS, as shown in the image below.
The main advantages of virtualization technology are cost and scalability. You can efficiently run several operating systems on a single PC and still attain the same functionality as running these systems on physical hardware. Additionally, most virtualization software includes the snapshot feature that allows you to go back to a particular state of the machine. That comes in handy in case you mess up with your installation.
On the other hand, physical hardware gives you simulation accuracy and a variety of devices to use. Even though you can run most systems with virtualization technology, some will not function properly on virtual machines as they would on physical hardware. For example, Apple OS can only be used legally on Apple hardware. Additionally, some functionality like wireless network (WIFI) is only available on physical hardware and not on virtual machines.
Cloud-based and Locally-hosted Virtual Machines
Virtualization technology is available in two main ways - Cloud-based virtualization and locally-hosted virtualization.
As the name suggests, this is a scenario where you host your virtual machines in cloud servers provided by various cloud service providers. Some of the most notable include Amazon Web servers (AWS), Linode, OVHcloud, and many more. Cloud-based virtualization comes in handy when you want to use hardware that you can acquire locally. For example, you might consider renting a server with a dedicated Graphics Processing Unit (GPU) if you are into cracking passwords.
That is the method we will use in this tutorial to set up our virtual penetration testing lab. With local-hosted virtualization, we will use our PC to run our virtual machines using the various virtualization software we have in the market today. Some of the most notable include VMware and Virtualbox.
The main difference between the two is that VMware is a commercial app and requires licensing for you to enjoy its unlimited features, while Virtualbox is open source and free. From my experience, as I have worked with the two applications extensively, I would highly recommend using VMware. The paid version comes with tonnes of exciting features compared to its counterpart VirtualBox. Luckily, you can find some of the VMware Workstation registration keys online if you know how to use Google. As of writing this post, I am running VMware Workstation 16 Pro.
Tip: If you are confused about which Virtualization software to use, download both of them and test them both. VMware workstation gives you 30 days free, while Virtualbox is open source and free.
Step 1: Install Your Desired Virtualization Software
For this particular post, we will use VMware Workstation for Linux since my host Operating System is Ubuntu. You don’t have to buy the product now as it gives you a 30-day free trial period.
Step 2: Choose and Setup Your Penetration Testing Distribution
The first step to setting up a virtual lab is choosing your desired penetration testing distribution. Some of the most popular operating systems for ethical hacking include Kali Linux, Parrot, and BlackArch. The debate on the best hacking distribution is always a heated argument since everybody has their own opinion. From my experience, my advice would be - download all the three distributions and any other you might have in mind and test each one of them separately until you are contented with one.
For this tutorial, we will use Kali Linux as our attacker machine. Previously, we did a step-by-step guide on installing Kali Linux in Virtualbox. Today, we will install Kali Linux on VMware but using even a much simpler method.
Unlike in Virtualbox, where we used the Kali Linux (Bare Metal) ISO file, we will use the Kali Linux Virtual Machine file for VMware. There is also a Kali Linux virtual machine file for Virtualbox.
From the image above, you can see they have support for both 64-bit and 32-bit system architecture. In my case, I will download the VMware 64-bit file. If the downloaded file is in a zipped format (Kali Linux.7z), extract it first to retrieve the Kali Linux Vmware Folder, containing several files.
Once done, launch VMware and follow the steps below:
Click on the File menu and click Open.
The file manager window will open. Navigate to the VMware folder you recently extracted and select the Kali Linux.vmx file. Click Open.
The VMware window will open, showing you the Kali Linux distribution with all the preset configurations. You might consider editing these settings to match the hardware of your PC. Click the Edit virtual machine settings button.
The Virtual Machine Settings window will open. We will focus on three main items - Memory, Processors, and Network Adapter.
Ensure you assign enough memory to run the Kali Linux system and leave enough memory for the host OS. For example, since I have 6GB of RAM, I will assign 2GB for the Kali system and leave 4GB for my host OS (Ubuntu).
For the network adapter, ensure it is set to the bridged adapter and not NAT. When done, click Save to apply the configurations. The image below shows my new configurations.
That’s it! You are done with setting and configuring your Kali Linux system. Let’s proceed and set up the vulnerable system that we will exploit.
Step 3: Download and Setup Metasploitable 2
Up to this point, we have successfully downloaded and set up Kali Linux on the VMware workstation. That will act as our attacker machine. Now we need to set up a vulnerable system that will serve as our victim machine. For this post, we will use Metasploitable 2.
Metasploitable 2 is a Linux system developed to be intentionally vulnerable. It is mainly used to practice security testing and contains other vulnerable web applications like DVWA, BWAPP, and Mutillidae. Follow the steps below to get started with setting up Metasploitable.
- Download Metapsloitable 2. It will download as a zipped file (around 865 MB)
- Extract the zip file. You will see a new Metasploitable folder containing several VMware files.
- Launch the VMware Workstation app. Click on the File menu and select Open.
The file manager window will open. Navigate to the newly extracted Metasploitable folder and select the Metasploitable.vmx file. Click Open.
The VMware window will open, showing your new Metasploitable system with all the preset configurations. Like we did for the Kali system, we will need to change these settings to match our system hardware. Click the Edit virtual machine settings button. We will focus on three main items, memory, processor, and the network adapter. Ensure the Network adapter is set to Bridged.
The image below shows the configurations I am using for my Metasploitable Virtual Machine.
That’s it! We have successfully set up our lab with both the attacker machine (Kali Linux) and the victim machine (Metasploitable 2). You can see this clearly in the image below.
This lab setup is not final. As you advance your skills, consider installing more vulnerable penetration testing and vulnerable systems. You can consider testing systems like OWASP Samurai Web Testing Framework, BlackArch Linux, Parrot, Windows Vulnerable Virtual Machines, and many more.
A virtual lab is a critical requirement for any penetration tester out there. Whether they are just getting started with their career or advancing their skills in Ethical Hacking. I believe this post has given you a step-by-step guide in setting up your own virtual penetration testing lab. As stated above, consider adding more systems and tools for your lab as you advance your hacking skills.
He is the founder of GoLinuxCloud and brings over a decade of expertise in Linux, Python, Go, Laravel, DevOps, Kubernetes, Git, Shell scripting, OpenShift, AWS, Networking, and Security. With extensive experience, he excels in various domains, from development to DevOps, Networking, and Security, ensuring robust and efficient solutions for diverse projects. You can reach out to him on his LinkedIn profile or join on Facebook page.