Labs are entirely built on virtual machines running on VMWare Workstation Player 16. The tool suite on Kali Linux is used to carry out exploits against vulnerabilities discovered on virtual machines running Windows and older versions of Linux.
| System | Description | |
|---|---|---|
 |
pfSense | Firewall |
 |
OPNsense | Firewall |
 |
Kali Linux | Tool suite for pentesting |
 |
Ubuntu 22.04.2 LTS | Linux machine with vulnerabilities |
 |
Metasploitable 2 | Linux machine with vulnerabilities |
 |
Windows 10 | Runs vulnerable web applications and services |
- All virtual machines are set to have bridged connections to have their own private IP. This is due to some issues in carrying out payloads from exploits that are attempting to connect to the same IP.
- OPNsense is configured to allow local traffic to pass through it's firewall.
- Metasploit Framework
- sqlmap
- aircrack-ng
- hashcat
- nmap
- Burp Suite Community Edition
- Rapid7 Vulnerability & Exploit Database
- Exploit Database
- nmap:
- vulscan for vulnerability scanning.
- ftp-brute, ftp-anon, and mysql-brute for ftp/SQL login credential enumeration.
- Cross site scripting
- Backdoor command execution
- Default login credentials/Common passwords
- SQL injections
- Buffer overflows
