diff --git a/build_your_own_lab/README.md b/build_your_own_lab/README.md index 6209d2c..3e40ef8 100644 --- a/build_your_own_lab/README.md +++ b/build_your_own_lab/README.md @@ -15,10 +15,18 @@ Note: The folks at Offensive Security have created a free training and book that - [The PenTesters Framework (PTF)](https://github.com/trustedsec/ptf): a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. Created by David Kennedy and maintained by the community. -- [Offensive Docker](https://github.com/aaaguirrep/pentest): Image with the more used tools to create a pentest environment easily and quickly. - - [PwnMachine by YesWeHack](https://github.com/yeswehack/pwn-machine): a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters. The basic install include a web interface, a DNS server and a reverse proxy. +## Building a Home Lab +[This repository from @reswob10](https://github.com/reswob10/HomeLabResources) is an amazing resource to learn how to build your own cybersecurity lab at home. The repo includes references of blogs and videos that explain different lab setup, tools, and automation. + + +## WebSploit Labs: A Convenient, Simple, Yet Powerful Learning Environment + +[WebSploit Labs](https://websploit.org/) is a learning environment created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking ( Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [DEF CON Red Team Village](https://redteamvillage.io), [O'Reilly Live Training (foremely known as Safari)](https://learning.oreilly.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&include_assessments=false&include_case_studies=true&include_courses=true&include_playlists=true&include_collections=true&include_notebooks=true&is_academic_institution_account=false&source=user&formats=live%20online%20training&sort=relevance&facet_json=true&page=0&include_facets=false&include_scenarios=true&include_sandboxes=true&json_facets=true), and many other conferences and forums. + +The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications. + ## Vulnerable Servers and Applications There are several intentionally vulnerable applications and virtual machines that you can deploy in a lab (safe) environment to practice your skills. You can also run some of them in Docker containers. @@ -26,13 +34,6 @@ There are several intentionally vulnerable applications and virtual machines tha Go to the [Vulnerable Servers Section](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers) of this GitHub repository to obtain a list of dozens of vulnerable applications and VMs that can be used to practice your skills. -## WebSploit Labs - -[WebSploit Labs](https://websploit.org/) is a learning environment created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking ( Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [DEF CON Red Team Village](https://redteamvillage.io), [O'Reilly Live Training (foremely known as Safari)](https://learning.oreilly.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&include_assessments=false&include_case_studies=true&include_courses=true&include_playlists=true&include_collections=true&include_notebooks=true&is_academic_institution_account=false&source=user&formats=live%20online%20training&sort=relevance&facet_json=true&page=0&include_facets=false&include_scenarios=true&include_sandboxes=true&json_facets=true), and many other conferences and forums. - -The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications. - - ## Cloud-Based Cyber Ranges - [PurpleCloud](https://github.com/iknowjason/PurpleCloud): Cyber Range environment created by [Jason Ostrom](https://twitter.com/securitypuck) using Active Directory and automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud! - [CyberRange by SECDEVOPS@CUSE](https://github.com/secdevops-cuse/CyberRange): AWS-based Cyber Range.