Lab Environment Setup
Complete guide to setting up an isolated, safe lab environment for hands-on security practice
Why a Dedicated Lab Environment?
Before you execute any attack technique from this book, you need a safe, isolated environment where you:
- Have full authorization to test
- Cannot accidentally affect production systems
- Cannot impact other users or networks
- Can reset to a clean state easily
- Can capture traffic without legal concerns
This chapter walks you through setting up such an environment. Do not skip this chapter. Practicing attacks on unauthorized systems is illegal and unethical.
Lab Architecture Overview
We'll build a complete lab environment that supports all exercises in this book:
Lab Architecture:
┌─────────────────────────────────────────────────────────────────┐
│                       Your Physical Host                        │
│                                                                 │
│  ┌───────────────────────────────────────────────────────────┐  │
│  │                     Host-Only Network                     │  │
│  │                     (192.168.56.0/24)                     │  │
│  │                                                           │  │
│  │    ┌───────────┐      ┌───────────┐      ┌───────────┐    │  │
│  │    │   Kali    │      │  Target   │      │  Target   │    │  │
│  │    │   Linux   │      │ (Metaspl- │      │  (DVWA,   │    │  │
│  │    │           │      │ oitable)  │      │ WebGoat)  │    │  │
│  │    │   .100    │      │   .101    │      │   .102    │    │  │
│  │    └───────────┘      └───────────┘      └───────────┘    │  │
│  │                                                           │  │
│  │    ┌───────────┐      ┌───────────┐      ┌───────────┐    │  │
│  │    │  Windows  │      │  Ubuntu   │      │  pfSense  │    │  │
│  │    │  Target   │      │  Server   │      │ Firewall  │    │  │
│  │    │           │      │           │      │(optional) │    │  │
│  │    │   .103    │      │   .104    │      │    .1     │    │  │
│  │    └───────────┘      └───────────┘      └───────────┘    │  │
│  │                                                           │  │
│  └───────────────────────────────────────────────────────────┘  │
│                                                                 │
│    [NAT Network for Internet access when needed - separate]     │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘
Key principles:
- Host-only networking isolates lab from your real network
- Multiple target VMs provide diverse practice environments
- Kali Linux serves as your attack platform
- Optional firewall VM for network security testing
Minimum Requirements
Hardware Requirements
| Component | Minimum | Recommended |
|---|---|---|
| CPU | 4 cores | 8+ cores |
| RAM | 16 GB | 32+ GB |
| Storage | 100 GB free | 250+ GB SSD |
| Network | Any | Gigabit Ethernet |
Why these requirements?
- Multiple VMs run simultaneously (each needs 2-4 GB RAM)
- Storage for VM snapshots and traffic captures
- CPU for running attacks and analysis tools
Software Requirements
| Component | Options |
|---|---|
| Host OS | Windows 10/11, macOS, Linux |
| Hypervisor | VirtualBox (free), VMware Workstation/Fusion |
| Additional | Wireshark (optional on host) |
Option 1: VirtualBox Setup (Recommended for Beginners)
VirtualBox is free, cross-platform, and sufficient for all exercises.
Step 1: Install VirtualBox
Windows:
# Download from virtualbox.org
# Or use winget:
winget install Oracle.VirtualBox
macOS:
# Using Homebrew:
brew install --cask virtualbox
# Note: You may need to allow kernel extensions in System Preferences
Linux (Debian/Ubuntu):
sudo apt update
sudo apt install virtualbox virtualbox-ext-pack
Step 2: Create Host-Only Network
VirtualBox Menu → File → Host Network Manager → Create
Configure:
- Name: vboxnet0 (or default name)
- IPv4 Address: 192.168.56.1
- IPv4 Mask: 255.255.255.0
- DHCP Server: Enable
- Server Address: 192.168.56.100
- Lower Bound: 192.168.56.101
- Upper Bound: 192.168.56.254
Step 3: Download Required VMs
| VM | Purpose | Download |
|---|---|---|
| Kali Linux | Attack platform | kali.org/get-kali |
| Metasploitable 2/3 | Intentionally vulnerable | sourceforge.net/projects/metasploitable |
| DVWA | Web app testing | github.com/digininja/DVWA |
| VulnHub VMs | Various targets | vulnhub.com |
Step 4: Import Kali Linux
- Download Kali VirtualBox image (.ova)
- File → Import Appliance → Select .ova
- Adjust settings:
  - RAM: 4096 MB minimum
  - CPUs: 2 minimum
  - Network: Host-only Adapter (vboxnet0)
- Import and start
Post-import configuration:
# Update Kali (first boot)
sudo apt update && sudo apt full-upgrade -y
# Verify network
ip addr show
ping 192.168.56.1 # Should reach host
# Set static IP (optional)
sudo nano /etc/network/interfaces
# Add:
# auto eth0
# iface eth0 inet static
# address 192.168.56.100
# netmask 255.255.255.0
Step 5: Import Vulnerable Targets
Metasploitable 2:
1. Download from SourceForge
2. Extract .vmdk file
3. New VM → Type: Linux, Version: Ubuntu 64-bit
4. Use existing disk → Select extracted .vmdk
5. Network: Host-only Adapter
6. Start (login: msfadmin/msfadmin)
DVWA (Docker method - on Kali):
# Install Docker on Kali
sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker
# Run DVWA
sudo docker run -d -p 80:80 vulnerables/web-dvwa
# Access at http://localhost or http://192.168.56.100
# Default login: admin/password
Option 2: VMware Setup
VMware offers better performance but requires purchase (or free Player for basic use).
VMware Workstation Pro (Windows/Linux)
1. Download and install from vmware.com
2. Create Host-only Network:
Edit → Virtual Network Editor → Add Network
- Type: Host-only
- Subnet: 192.168.56.0/24
- DHCP: Enable or disable (static IPs recommended)
VMware Fusion (macOS)
1. Download and install from vmware.com
2. VMware Fusion → Preferences → Network
3. Create custom network for lab use
Import VMs
VMware can import .ova files directly or use .vmx/.vmdk files.
Option 3: Cloud-Based Lab
For those without sufficient local resources, cloud options exist:
AWS/Azure/GCP
Create isolated VPC/VNet:
- No internet gateway
- No routes to other networks
- Security groups blocking all external traffic
Launch instances:
- Kali Linux (marketplace AMIs available)
- Vulnerable targets (deploy from images)
Pros: Scalable, no local resources needed
Cons: Costs money, requires cloud knowledge
Dedicated Platforms
| Platform | Description | Cost |
|---|---|---|
| HackTheBox | Penetration testing labs | Free tier + subscription |
| TryHackMe | Guided learning paths | Free tier + subscription |
| PentesterLab | Web security focus | Subscription |
| Offensive Security Labs | OSCP training | Course fee |
Essential Tool Installation
On Kali Linux
Kali comes pre-installed with most tools, but verify and update:
# Verify key tools are installed
which nmap wireshark tcpdump ettercap bettercap
# Install any missing tools
sudo apt install -y \
nmap \
wireshark \
tcpdump \
ettercap-common \
bettercap \
responder \
mitmproxy \
burpsuite \
sqlmap \
gobuster \
nikto \
john \
hashcat \
hydra \
aircrack-ng
# Install Python libraries for custom scripts
pip3 install scapy requests pwntools impacket
Network Analysis Tools
# Wireshark (GUI packet analyzer)
# Already installed on Kali
# Run with:
sudo wireshark
# tshark (command-line Wireshark)
sudo tshark -i eth0 -w capture.pcap
# tcpdump (lightweight capture)
sudo tcpdump -i eth0 -w capture.pcap
# Capture specific traffic
sudo tcpdump -i eth0 port 80 or port 443
Configure Wireshark for Non-Root Use
# Add your user to wireshark group
sudo usermod -aG wireshark $USER
# Set capabilities
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
# Log out and back in for group changes
Network Configuration Deep Dive
Understanding Virtual Networks
Network Types:
1. NAT (Network Address Translation)
- VM gets private IP, host translates to outside
- Can access internet
- Can't be accessed from host network
- Use for: VMs needing internet access
2. Bridged
- VM appears as another device on your real network
- Gets IP from your DHCP server
- DANGEROUS for labs - exposes vulnerable VMs!
- Use for: Never for security labs
3. Host-Only
- Isolated network between host and VMs
- No internet access (unless you route it)
- Completely isolated from real network
- Use for: Security labs (primary choice)
4. Internal (VirtualBox) / Custom (VMware)
- Network only between VMs
- Host can't reach VMs directly
- Use for: When you want no host access
Lab Network Design
Recommended Lab Layout:
Host-Only Network: 192.168.56.0/24
├── 192.168.56.1 - Your host machine
├── 192.168.56.100 - Kali Linux (attacker)
├── 192.168.56.101 - Metasploitable (target)
├── 192.168.56.102 - DVWA (web target)
├── 192.168.56.103 - Windows target
└── 192.168.56.104 - Additional targets
Optional NAT Network: 10.0.2.0/24
└── For VMs needing internet (updates, downloads)
    Attach as second adapter when needed
Multi-Adapter Setup
For VMs that need both isolation AND occasional internet:
VM Settings → Network:
Adapter 1: Host-only (192.168.56.x) - Primary
Adapter 2: NAT (disabled by default)
When you need internet:
Enable Adapter 2, do updates, disable again
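A forgotten NAT adapter or an accidental bridged adapter defeats the isolation described above, so it is worth auditing adapter modes from the host before each session. The following is an added example, not part of the original guide: it parses the output of `VBoxManage showvminfo <vm> --machinereadable`, and the function name `audit_nics`, the sample data and the VM name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag VirtualBox adapters that break lab isolation.
# Input on stdin: `VBoxManage showvminfo <vm> --machinereadable`.
audit_nics() {
    awk -F'"' '
        /^nic[0-9]+=/            { n = $1; gsub(/[^0-9]/, "", n); mode[n] = $2 }
        /^cableconnected[0-9]+=/ { n = $1; gsub(/[^0-9]/, "", n); cable[n] = $2 }
        END {
            bad = 0
            for (n in mode) {
                m = mode[n]
                if (m == "none") continue          # adapter disabled
                if (m == "bridged") {
                    print "FAIL adapter " n ": bridged (VM sits on your real network)"; bad = 1
                } else if ((m == "nat" || m == "natnetwork") && cable[n] != "off") {
                    print "FAIL adapter " n ": " m " is connected (internet reachable)"; bad = 1
                } else {
                    print "ok   adapter " n ": " m
                }
            }
            exit bad                               # 0 = isolated, 1 = not isolated
        }'
}

# Constructed sample: adapter 2 (NAT) was enabled for updates and never disabled.
SAMPLE_LEAKY='nic1="hostonly"
hostonlyadapter1="vboxnet0"
cableconnected1="on"
nic2="nat"
cableconnected2="on"
nic3="none"'

# Constructed sample: same VM with the NAT adapter cable disconnected.
SAMPLE_OK='nic1="hostonly"
hostonlyadapter1="vboxnet0"
cableconnected1="on"
nic2="nat"
cableconnected2="off"
nic3="none"'

printf '%s\n' "$SAMPLE_LEAKY" | audit_nics || echo "=> fix adapters before starting the lab"
# Real use on the host ("Kali" is a hypothetical VM name):
#   VBoxManage showvminfo "Kali" --machinereadable | audit_nics
```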
Creating Snapshots
Snapshots let you save VM state and restore it, which is essential for labs.
VirtualBox Snapshots
Right-click VM → Snapshots → Take
Recommended snapshots:
1. "Fresh Install" - Right after OS setup
2. "Tools Installed" - After installing all tools
3. "Before Lab X" - Before each major exercise
To restore:
Right-click snapshot → Restore
VMware Snapshots
VM → Snapshot → Take Snapshot
Same snapshot strategy as VirtualBox
PRO TIP
Before attempting any attack, take a snapshot. If something breaks (or if you want to try a different approach), you can instantly restore. This also helps verify that your attack worked by comparing to the clean state.
Verifying Your Lab Setup
Run these tests to confirm your lab is working:
Test 1: Network Connectivity
# On Kali, verify you can reach targets
ping -c 3 192.168.56.101 # Metasploitable
ping -c 3 192.168.56.1 # Host
# Verify isolation (this should fail)
ping -c 3 8.8.8.8 # Should time out if isolated
Test 2: Service Discovery
# Scan your lab network
nmap -sn 192.168.56.0/24
# Should show all running VMs
# Example output:
# Nmap scan report for 192.168.56.1
# Host is up (0.00042s latency).
# Nmap scan report for 192.168.56.100
# Host is up (0.00031s latency).
# ...
Test 3: Capture Traffic
# On Kali, start capture
sudo tcpdump -i eth0 -c 10
# From another terminal, generate traffic
ping 192.168.56.101
# Should see ICMP packets in capture
Test 4: Access Vulnerable Services
# Check Metasploitable services
nmap -sV 192.168.56.101
# Should show open ports:
# 21/tcp open ftp vsftpd 2.3.4
# 22/tcp open ssh OpenSSH 4.7p1
# 23/tcp open telnet Linux telnetd
# 80/tcp open http Apache httpd 2.2.8
# ...
# Access DVWA web interface
curl http://192.168.56.102/
# Or open in browser on Kali
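A failed ping to 8.8.8.8 in Test 1 shows only that ICMP to one address did not get through; checking the guest's routing table is a more direct isolation test. The following is an added example, not part of the original guide: it reads `ip -4 route show` output and fails on a default route or any route outside the lab subnet. The function name `check_routes`, the `docker0` exemption (for the DVWA container bridge on Kali) and the sample routes are assumptions.

```shell
#!/bin/sh
# Added example: verify from inside a lab VM that no route leaves the lab.
# Usage: ip -4 route show | check_routes 192.168.56.0/24
check_routes() {
    awk -v lab="$1" '
        function ip2int(ip,   o) { split(ip, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
        function in_lab(dst,   p, bits, size) {
            split(dst, p, "/"); bits = (p[2] == "") ? 32 : p[2] + 0
            if (bits < labbits) return 0            # route is wider than the lab subnet
            size = 2 ^ (32 - labbits)
            return int(ip2int(p[1]) / size) == int(labnet / size)
        }
        BEGIN { split(lab, l, "/"); labnet = ip2int(l[1]); labbits = l[2] + 0; bad = 0 }
        NF == 0 { next }
        $1 == "default" { print "FAIL default route: " $0; bad = 1; next }
        {
            dev = ""; for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i+1)
            if (dev == "docker0") { print "ok   local container bridge: " $1; next }
            if (in_lab($1)) print "ok   lab route: " $1
            else { print "FAIL route outside lab: " $1 " dev " dev; bad = 1 }
        }
        END { exit bad }                            # 0 = isolated, 1 = not isolated
    '
}

# Constructed sample: host-only adapter only, Docker installed for DVWA.
SAMPLE_ISOLATED='192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.100 metric 100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown'

# Constructed sample: the optional NAT adapter (10.0.2.0/24) is still enabled.
SAMPLE_NAT_ON='default via 10.0.2.2 dev eth1 proto dhcp metric 101
10.0.2.0/24 dev eth1 proto kernel scope link src 10.0.2.15 metric 101
192.168.56.0/24 dev eth0 proto kernel scope link src 192.168.56.100 metric 100'

printf '%s\n' "$SAMPLE_NAT_ON" | check_routes 192.168.56.0/24 || echo "=> NOT isolated"
```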
Lab Exercises by Chapter
Reference for which VMs you need for each chapter's labs:
| Chapter | Required VMs | Optional VMs |
|---|---|---|
| Network Analysis | Kali, any target | All |
| Layer 2 Attacks | Kali, 2+ targets | - |
| Layer 3 Attacks | Kali, target | - |
| Transport Attacks | Kali, Metasploitable | Windows target |
| Application Attacks | Kali, DVWA, Metasploitable | - |
| MITM Attacks | Kali, 2+ targets | - |
| DoS (concepts only) | Kali | - |
| Wireless Attacks | Kali + wireless adapter | - |
| Cloud Labs | Cloud account | - |
| Detection Labs | Kali, target, monitoring VM | SIEM |
Troubleshooting Common Issues
VM Won't Start
Problem: "VT-x is not available"
Solution: Enable virtualization in BIOS/UEFI
Problem: "Not enough memory"
Solution: Close other VMs, allocate less RAM to this VM
Problem: Black screen after start
Solution: Try different graphics controller in VM settings
Network Issues
Problem: VMs can't reach each other
Solutions:
1. Verify both are on same host-only network
2. Check VM has correct network adapter attached
3. Verify IP addresses are in same subnet
4. Check no firewall blocking on VMs
Problem: Can't reach host from VM
Solutions:
1. Verify host-only adapter is enabled on host
2. Check host firewall allows connections
3. Verify host-only network IP on host (ipconfig/ifconfig)
Problem: VM has no IP address
Solutions:
1. Ensure DHCP is enabled on host-only network
2. Or configure static IP manually
3. Run: sudo dhclient eth0 (to request IP)
Tool Issues
Problem: Wireshark "no interfaces"
Solution: Run as root, or configure permissions (see above)
Problem: Scapy "operation not permitted"
Solution: Run script as root: sudo python3 script.py
Problem: "Command not found"
Solution: Install missing tool with apt install <tool>
Security Reminders
IMPORTANT REMINDERS
- ALWAYS use host-only or isolated networks
- NEVER bridge vulnerable VMs to your real network
- NEVER practice attacks on unauthorized systems
- ALWAYS take snapshots before experimenting
- ALWAYS verify isolation before starting labs
- IF UNSURE, ask before proceeding
Quick Start Checklist
- Hypervisor installed (VirtualBox or VMware)
- Host-only network created (192.168.56.0/24)
- Kali Linux VM imported and updated
- At least one target VM (Metasploitable recommended)
- Snapshots taken of clean state
- Network connectivity verified
- Tools verified working
- Isolation verified (can't reach internet)
Once all boxes are checked, you're ready for the labs in Part III!
Key Takeaways
- Isolation is essential: host-only networking protects you and others from your lab activities
- Snapshots save time: take them before each exercise for easy rollback
- Start simple: Kali + Metasploitable covers most exercises
- Verify before attacking: always confirm your environment is correctly isolated
- Legal protection: practicing on your own lab eliminates legal concerns