|Preview eForensics Magazine 2016 11 Build Your PenTest Lab.pdf|
This eBook is based on workshop materials from our “How to build your own pentest lab” online course. It does not include everything the course did - obviously, we had to leave out all videos and graded assignments. While the text is all here, the videos do teach extra information, show other types of scans and go deeper into some programs and vulnerabilities. We believe that this eBook is great for setting up the basics, but if you would like to learn more, please consider joining the course.
Build your own PenTest lab - we mean it! With this eBook, you decide on your configuration! Want to scan BeeBox with Kali using VMPlayer? Great, here's a step-by-step. Feel more like scanning Metasploitable with Ubuntu running on VirtualBox? That's here too. Mix and match, or get all of them, your choice.
Described in this eBook:
- Installation and usage of BOTH VMPlayer and VirualBox
- Installation and usage of BOTH Kali Linux and Ubuntu
- Installation and usage of BOTH Metasploitable and BeeBox vulnerable machines
Paul Janes, CISSP, GIAC – GISP, is an Information Security Analyst at Corning Incorporated with over 19 years of experience in IT Security, (DLP) Data Loss Prevention, Project Management and Server Management. He has been involved in creating his own ethical hacking lab and enhancing his skills as an ethical hacker.
The course is self-paced – you can visit the training whenever you want and your content will be there.
18 CPE points
Once you’re in, you keep access forever, even when you finish the course.
There are no deadlines, except for the ones you set for yourself.
We designed the course so that a diligent student will need about 18 hours of work to complete the training.
You time will be filled with reading, videos, and exercises.
TABLE OF CONTENTS
PAGE 7: Pre-Course Materials
Why Do I Need a Pen Test Lab
Creating Directory Structure For the Course\
Download Virtual Images
Acquire Nessus Licenses
PAGE 13: Module 1 The Build:
Some Basic Linux Commands You Need to Know
Installation of VMPlayer and Virtual Box. You Decide, We Will Cover Both.
Setup of Our Penetration Testing System – Kali Linux Distribution
Setup a Linux Client as a Virtual Machine
Setup Our First Vulnerable Machine Metasploitable2
Setup Our Second Vulnerable Machine Bee-box (BWAMP)
PAGE 64: Module 2 Port Scanning:
Nmap and Zenmap Installation
Nmap Basic Scanning
ZenMap Basic Scanning
PAGE 147: Module 3 Vulnerability Scans:
Installation Nessus Vulnerability Scanner Windows
Installation Nessus Vulnerability Scanner Kali Linux
Installation Nessus Vulnerability Scanner Ubuntu
Basic Nessus Scanning Metasploitable2
Basic Nessus Scanning Bee-box
PAGE 249: Module 4 Advanced Scanning and Reporting:
Nessus Advanced Scans
Nmap Advanced Scans