Infoseclabs the security playground for building and breaking - Updated
-
Upload
sneakerhax -
Category
Technology
-
view
2.530 -
download
0
Transcript of Infoseclabs the security playground for building and breaking - Updated
Who am I?• Systems Administrator• IT & Security consultant• Coder• Sneakerhead• Noob “If you don’t think you’re a noob, you’re not trying hard enough” - HDMoore
What is InfosecLabs?A penetration testing lab designed and built for the purpose of teaching, researching, and testing offensive & defensive security techniques.
What does that mean?• Practicing offensive and defensive security techniques• Testing POC code for students/pentesters• Testing of tools• Hosting private research• Teaching classes• Help other’s build their own lab
Why?
http://www.room362.com/2015/09/hacking-advice-for-krystropolis.html
I finally ended up thinking about what would have been the best advice for me, growing up, for "how to learn hacking", and I boiled it down right before I pulled into my drive way to two words: "Build It". For me personally, I didn't start to really understand attackers, attacks, or even simple defense strategies until I started to try to build it myself.
Lab AdminsAnthony - Creator/Admin - Twitter: @iamthehonzJustin - Admin - Twitter: @sneakerhax
ContributorsGrant - Contributor - Twitter: @tekwizz123
What’s in the lab?• Windows domain/services• Exchange 2013(fully functional)• Windows Server 2012 R2
Domain controller• Windows IIS• Windows 2008 R2 File Server• Windows Sharepoint
Foundation 2013• Windows 10• Windows 8.1• Windows 7• Windows Vista• Windows XP• Varying Internet Explorer
versions
• Red Hat Linux• Web Servers(Linux)• OpenVAS• DMZ• Kali Linux• Security Onion• Metasploitable 2• Owasp Mutillidae• Hacking - The Art of Exploitation live cd• Pentesterlab - Web for Pentesters I• Pentesterlab - Web for Pentestters II• Pentesterlab - SQL injection to Shell• Custom vulnerable virtual machines
Specs• 2 Hosts(clustered)• VMware ESXi 5.1• Cisco 5505 ASA firewall• HP SG500 switch• CPU 35 GHZ• Memory 127.86 GB• Storage 14.37 TB
What can I learn?• Web Application Penetration Testing• Active Directory• Local and domain accounts• Penetration Testing with EC2 and other cloud providers• Privilege escalation• Lateral movement• Vulnerability analysis• Reverse shells, stagers, payloads, pivoting• Password cracking
Future of InfosecLabs?• AV evasion lab• Malware analysis lab• Domain Trust• Red Team• Blue Team• More Research
Lab building resources• Microsoft Edge Dev - https://dev.modern.ie/tools/vms/windows/ • Technet Evaluation Center - http://www.microsoft.com/en-us/evalcenter/• Bizspark - https://www.microsoft.com/bizspark/ • VulnHub - https://www.vulnhub.com/• PentesterLab - https://pentesterlab.com/ • Reddit /r/homelab - https://www.reddit.com/r/homelab
Contact Us:Website: www.Infoseclabs.net Twitter: @infoseclabsEmail: [email protected]: [email protected] IRC: Freenode #infoseclabs