0

After watching videos and downloading just about every possible pen-testing tool out there to play around with and learn. How do you setup test beds and practice scenarios to crack?

With RE people make crackme.exe files. I was curious do people have virtual machine templates and other setups created for download that you can practice cracking.

Jason
  • 3,086
  • 4
  • 20
  • 24
  • What are you interested in? .. Pen-testing is a very broad field. Further specify what realm you are interested in - web pen, net pen, physical security, etc. Many virtual machines exist - for example, Kali linux (attack VM) and numerous 'victim' VMs that you can use in a local VM network. – octagonC Jun 09 '14 at 04:27
  • http://security.stackexchange.com/questions/183/vulnerable-oss – The Illusive Man Jun 09 '14 at 08:17
  • 1
    pentestlab.org ! – AK_ Jun 09 '14 at 11:13
  • I do server administration so mostly focused on web,net,server. – Jason Jun 09 '14 at 13:58

3 Answers3

2

I run a lab on a KVM virtualization setup. Among other things, I use Damn Vulnerable Linux, old versions of Ubuntu, and various VMs and software from VulnHub. I have an ethernet bridge acting as an internal switch and a virtual router between my test lab and my internet connection to isolate tests like ARP Spoofing, subnet-wide scans, etc.

David
  • 15,814
  • 3
  • 48
  • 73
1

Additional answer:

You may try to install DVWA (Damn Vulnerable Web Applications) locally at your computer. This web application is designed as vulnerable applications. It's free and open source, so you could read the source code. It's written in PHP, by the way.

zakiakhmad
  • 464
  • 3
  • 10
0

install VMware and install kali linux (goto http://kali.org/downloads). Kali linux is all in one pentesting software for pentester. Then install another OS on which you want to pentest, for example as David said download Damn Vulnerable Linux and you are done. Hope that will help ya.

Prakash
  • 332
  • 2
  • 14