Lab Setup Guide

Virtualization Platform

Option 1: VirtualBox (Free)

# Debian/Ubuntu
sudo apt install virtualbox virtualbox-ext-pack

# Windows: Download from https://www.virtualbox.org/wiki/Downloads

Option 2: VMware Workstation/Fusion

• Proprietary but better performance on Windows/Mac
• Free for personal use: VMware Workstation Player

Network Configuration

Isolated Lab Network

Create a host-only or internal network so VMs can't reach your production network:

VirtualBox: Settings → Network → Host-Only Adapter
VMware: Virtual Network Editor → VMnet2 (Host-Only)

VPN Lab Access

# Download HTB VPN pack
# Connect to HTB labs
openvpn --config user.ovpn --config lab.ovpn

# Verify connection
ip a | grep tun
ping 10.10.14.1

Essential Lab VMs

1. Kali Linux (Attacker)

# Download OVA
# VirtualBox: File → Import Appliance → Select .ova
# Allocate: 4 CPU, 8GB RAM, 100GB disk
# Host-only networking for isolation

2. Metasploitable 2 (Vulnerable Linux)

• Download from SourceForge
• Credentials: msfadmin / msfadmin
• Network: Same isolated subnet as Kali
• IP typically: 192.168.56.101/24

3. Windows 10 Evaluation (Target)

• Download from Microsoft evaluation center
• Use for: AD attacks, client-side exploits, privilege escalation

4. DVWA (Web App Lab)

# Option A: Install on Kali
sudo apt install dvwa

# Option B: Docker
docker run --rm -p 80:80 vulnerables/web-dvwa

# Option C: Standalone VM
# Download from http://www.dvwa.co.uk/

Home Lab Architecture

┌─────────────────────────────────────────────────────────────┐
│                     Host Machine                            │
│  ┌─────────────────────────────────────────────────────┐    │
│  │           VirtualBox / VMware                        │    │
│  │  ┌─────────────┐  ┌─────────────┐  ┌────────────┐  │    │
│  │  │ Kali Linux  │  │Metasploitable│  │ Windows 10 │  │    │
│  │  │  (Attacker) │  │   (Target)  │  │  (Target)  │  │    │
│  │  │ 10.0.0.4/24 │  │10.0.0.5/24  │  │10.0.0.6/24 │  │    │
│  │  └─────────────┘  └─────────────┘  └────────────┘  │    │
│  └─────────────────────────────────────────────────────┘    │
└─────────────────────────────────────────────────────────────┘
         │                │                │
         └────────────────┴────────────────┘
              Isolated Host-Only Network

Quick Start Commands

On Kali (Attacker)

# Find targets
nmap -sn 10.0.0.0/24

# Discover services
nmap -sV -sC -p- 10.0.0.5

# Start Metasploit
msfconsole

Service Discovery on Metasploitable

# Typical open ports
21/tcp  ftp
22/tcp  ssh
23/tcp  telnet
25/tcp  smtp
80/tcp  http
111/tcp rpcbind
139/tcp netbios-ssn
445/tcp microsoft-ds
3306/tcp mysql
5432/tcp postgresql

Docker-Based Labs (Alternative)

# Install Docker
curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER

# Web app labs
docker run --rm -p 80:80 vulnerables/web-dvwa
docker run --rm -p 8080:8080 raesene/bwapp

# Juice Shop (OWASP)
docker run --rm -p 3000:3000 bkimminich/juice-shop

# Start multiple labs
docker run --rm -d --name dvwa -p 80:80 vulnerables/web-dvwa
docker run --rm -d --name juice-shop -p 3000:3000 bkimminich/juice-shop

Cloud Labs (No Local VM Needed)

Platform	Cost	Use Case
TryHackMe	Free tier / $10/mo	Beginners, structured learning
HackTheBox	$10/mo	Intermediate-advanced
Offensive Security Labs	$15/mo	OSCP prep
PentesterLab	$10/mo	Web-specific

Post-Setup Checklist

• [ ] Kali VM boots and has network access to Metasploitable
• [ ] Can run nmap -sV 10.0.0.5 from Kali and see results
• [ ] Metasploitable SSH accepts connection (msfadmin/msfadmin)
• [ ] Can access DVWA in browser from Kali
• [ ] VPN connects for HTB/THM access
• [ ] Tools updated: sudo apt update && sudo apt upgrade -y

Next Steps

With your lab ready, proceed to Week 1: Foundations to begin building your hacking skillset.