This repository provides a local penetration testing lab using Vagrant and VirtualBox. The lab is isolated on a dedicated internal network (hostile_internal_network) to ensure safe experimentation.
This repo contains Vagrant configs and scripts to set up a penetration testing lab locally on your laptop or desktop. It includes:
- Kali Linux: Main attack box, provisioned with Ansible for additional tools.
- Metasploitable3: Ubuntu 14.04 and Windows Server 2008 vulnerable VMs.
- Ubuntu Focal & Jammy: Ubuntu 20.04 and 22.04 VMs for custom targets.
- Windows 10 (MS Edge): Attempts to provision a Windows 10 VM (note: Microsoft no longer provides these images).
- All VMs are connected to an isolated VirtualBox internal network.
- Provisioning scripts automate setup and configuration.
- Supports Vagrant snapshots for easy rollback.
- Documentation and scripts for further customization.
You will need the following already installed:
Internal networks are created automatically as needed. There is no central configuration. Every internal network is identified simply by its name.
Create a dedicated intnet which will serve as the isolated netowrk. Create the hostile_internal_network network using:
VBoxManage dhcpserver add \
--netname hostile_internal_network \
--ip 10.69.69.1 \
--netmask 255.255.255.0 \
--lowerip 10.69.69.100 \
--upperip 10.69.69.199 \
--enable
# to check
VBoxManage list dhcpservers
VBoxManage list intnetsThe Kali virtual machine will be your attackbox from which you will initiated attacks against the other virtual machines. Boot up this VM first.
cd kali
vagrant up
vagrant sshThe Kali host will have the IP address 10.69.69.200.
In the VirtualBox GUI, you will find this hosts under petest-lab/attackbox group.
Metasploitable 3 is a deliberately vulnerable VM (Windows Server 2008 and Ubuntu 14.04 builds) designed for hands-on penetration testing and exploit practice, preloaded with misconfigurations and known vulnerabilities for safe lab use.
cd metasploitable3
vagrant upIn the VirtualBox GUI, you will find these two hosts under petest-lab/victim group.
For the other VMs, just cd into the directory and run vagrant up. You can also install vulnerable software in these other VMs and run your penetration tests from the Kali attackbox.
In the VirtualBox GUI, you will find these hosts under petest-lab/victim group.
Always take snapshots. This saves time by not having to start everyting all over again.
vagrant snapshot list
vagrant snapshot save [vm-name] NAME
vagrant snapshot restore [vm-name] NAME [--no-start]When creating a VM using vagrant, vagrant will always create a NAT Network adpater as the first NIC interface. No matter what kind of networking is chosen, vagrant will always create this network interface. This network interface is used by Vagrant to ssh to the VM when running vagrant ssh.
Vagrant assumes there is an available NAT device on eth0. This ensures that Vagrant always has a way of communicating with the guest machine. It is possible to change this manually (outside of Vagrant), however, this may lead to inconsistent behavior. Providers might have additional assumptions. For example, in VirtualBox, this assumption means that network adapter 1 is a NAT device.
- Find the offending key by running
ssh-add -l - Remove that specific key by running
ssh-add -d <(ssh-keygen -y -f {{FILENAME_PATH_FROM_PREVIOUS_STEP}})
Example: ssh-add -d <(ssh-keygen -f ${HOME}/virt/vagrant/pentest-lab/kali/.vagrant/machines/kali/virtualbox/private_key -y)
Otherwise, this can be fixed by running ssh-add -D which will delete all identities from the ssh agent
If you think my work helped you in some way saving you time and effort, I am happy to receive any amount of donation. However, the code in this repo is completely free.
Bitcoin (BTC): bc1qzlhpm94vtk2ht67etdutzcy2g5an5v6g36tp0m