Building a Practice Lab

The best way to develop ethical hacking skills is through hands-on practice in a safe, legal environment. This lesson covers how to build your own hacking lab, where to find vulnerable machines, and how to progress your cybersecurity career.

---

Why You Need a Lab

• Legal safety — practise attacks without risking criminal charges
• Repeatable learning — reset machines and try different approaches
• Certification prep — labs mirror exam environments (OSCP, CEH)
• Portfolio building — document your learning for job applications

Tip: Never practise hacking techniques on systems you do not own or have explicit permission to test. Always use your own lab or authorised platforms.

---

Lab Architecture

A typical home lab uses virtualisation to run multiple machines:

┌─────────────────────────────────────────┐
│          Host Machine (Your PC)          │
│                                          │
│  ┌─────────────┐  ┌──────────────────┐  │
│  │ Kali Linux  │  │ Vulnerable VMs   │  │
│  │ (Attacker)  │  │ ┌──────────────┐ │  │
│  │             │  │ │ Metasploitable│ │  │
│  │ Tools:      │  │ │ DVWA         │ │  │
│  │ - Nmap      │  │ │ VulnHub VMs  │ │  │
│  │ - Metasploit│  │ │ HackTheBox   │ │  │
│  │ - Burp Suite│  │ └──────────────┘ │  │
│  └─────────────┘  └──────────────────┘  │
│                                          │
│  ┌────────────────────────────────────┐  │
│  │    Internal Virtual Network        │  │
│  │    (Host-Only or NAT Network)      │  │
│  └────────────────────────────────────┘  │
└─────────────────────────────────────────┘

---

Setting Up Virtualisation

VirtualBox (Free)

Feature	Details
Cost	Free and open source
Platforms	Windows, macOS, Linux
Snapshots	Save and restore VM states
Networking	NAT, Host-Only, Internal, Bridged
Performance	Good for most lab scenarios

VMware Workstation / Fusion

Feature	Details
Cost	Free (Player) / Paid (Pro)
Platforms	Windows (Workstation), macOS (Fusion)
Snapshots	Full snapshot trees
Performance	Generally faster than VirtualBox

Recommended Network Configuration

Network Type	Use Case	Internet Access
Host-Only	Isolated lab network (most secure)	No
NAT Network	Lab with internet access for updates	Yes (outbound only)
Internal	VM-to-VM only communication	No
Bridged	VMs on your real network (use cautiously)	Full

Tip: Use a Host-Only network for your lab to prevent accidental exposure of vulnerable machines to the internet.

---

Kali Linux — Your Attack Platform

Kali Linux is the standard penetration testing distribution:

Installation Options

Method	Description
VM image	Pre-built VirtualBox/VMware images (recommended)
ISO install	Full installation from ISO
WSL	Windows Subsystem for Linux (limited)
Docker	Containerised Kali
Live USB	Boot from USB without installation

Essential Tool Categories

Category	Tools
Reconnaissance	Nmap, theHarvester, Recon-ng, Maltego
Web testing	Burp Suite, OWASP ZAP, sqlmap, Gobuster
Exploitation	Metasploit, SearchSploit, msfvenom
Password cracking	Hashcat, John the Ripper, Hydra
Wireless	Aircrack-ng, Kismet, Wifite
Post-exploitation	Mimikatz, LinPEAS, WinPEAS, Chisel
Networking	Wireshark, Bettercap, Responder
Forensics	Autopsy, Volatility, binwalk

---

Vulnerable Machines and Platforms

Intentionally Vulnerable VMs