Labs


PWK Labs Overview

The Penetration Testing with Kali Linux (PWK) course, offered by Offensive Security, provides a comprehensive learning path for aspiring penetration testers. The labs are an essential part of the PWK course, offering hands-on experience with real-world scenarios. Below is an overview of the PWK labs:

  • Lab Structure: The labs are designed to mimic real-world environments with a variety of challenges. These challenges include both active exploitation and post-exploitation tasks, ranging from web application attacks to network-based penetration testing and privilege escalation.

  • Environment Setup: The labs provide a controlled environment in which students interact with vulnerable machines hosted on a private network. The environment is virtual, and each student has their own isolated lab space.

  • Lab Activities:

    • Scanning & Enumeration: Students are tasked with scanning the target network and identifying active services, open ports, and potential vulnerabilities.
    • Exploitation: The core of the PWK labs revolves around exploitation techniques, including SQL injection, buffer overflow, and privilege escalation.
    • Post-Exploitation: After successfully exploiting a vulnerability, students move into post-exploitation, where they gather sensitive data, maintain persistence, and prepare for further exploitation.
  • Progression: The labs are designed to scale in complexity. Starting with easier machines, students progress through increasingly difficult targets, which helps build foundational skills and advanced techniques.

  • Report Submission: As part of the final assessment for the PWK course, students are required to submit a report documenting their exploitation and post-exploitation process for each machine. This reinforces professional documentation skills and helps students refine their methodology.


Recommended Platforms

The following platforms are highly recommended for supplementing your penetration testing learning experience. These platforms offer hands-on labs, challenges, and scenarios similar to those found in real-world environments.

1. Hack The Box

Hack The Box (HTB) is a popular online platform offering a variety of virtual machines and challenges for penetration testers and cybersecurity enthusiasts. The platform provides a gamified approach to learning, with increasing levels of difficulty. It is widely regarded for its realistic and challenging environments.

  • Key Features:

    • Regularly updated machines based on real-world scenarios.
    • A vast community of penetration testers who share solutions and collaborate.
    • Different categories of challenges: Web, Network, Reverse Engineering, Cryptography, etc.
    • Active machine and retired machine sections, allowing users to focus on both current and older challenges.
  • Recommended Use:

    • HTB is great for practicing both offensive and defensive skills in penetration testing.
    • The platform is perfect for those preparing for certification exams like OSCP, as it simulates real-world penetration testing environments.
    • Engage with the community to discuss techniques and solutions.

    Website: https://www.hackthebox.eu

2. TryHackMe

TryHackMe is an interactive cybersecurity learning platform that covers a wide range of topics, from basic penetration testing to advanced security concepts. It offers guided learning paths and hands-on labs with step-by-step instructions, making it ideal for beginners and intermediate users.

  • Key Features:

    • Structured learning paths with increasing difficulty, perfect for beginners and intermediate learners.
    • Wide variety of content, covering topics from ethical hacking and web app security to malware analysis and threat hunting.
    • Gamified experience with points, badges, and progress tracking.
    • A mix of virtual machines, web applications, and real-world simulations.
  • Recommended Use:

    • TryHackMe is excellent for anyone looking to build foundational penetration testing skills.
    • It provides an accessible starting point for newcomers to cybersecurity and those aiming for certifications such as CEH, CompTIA Security+, and OSCP.
    • Follow the learning paths for a more structured approach, or choose individual rooms to explore specific topics.

    Website: https://tryhackme.com

3. Vulnhub

Vulnhub offers a collection of vulnerable virtual machines that penetration testers and security professionals can use to practice their skills in a safe environment. The platform is designed to help learners improve their knowledge of exploiting vulnerabilities in real-world scenarios.

  • Key Features:

    • A large collection of vulnerable machines with varying levels of difficulty.
    • Open-source, with many machines being created by the community.
    • Direct download of virtual machines to practice in local environments like VirtualBox or VMware.
  • Recommended Use:

    • Vulnhub is perfect for practicing exploitation and post-exploitation tasks, especially for those who enjoy working in a local environment.
    • It is particularly useful for anyone looking to improve their skills with older, classic vulnerabilities that are still widely relevant today.

    Website: https://www.vulnhub.com/

4. Metasploitable2

Metasploitable2 is an intentionally vulnerable machine designed to be exploited in penetration testing labs. It is widely used to practice common attack vectors and exploit development with tools like Metasploit.

  • Key Features:

    • Provides a deliberately insecure virtual machine with multiple vulnerabilities.
    • Suitable for practicing a variety of attack techniques, such as SQL injection, privilege escalation, and buffer overflow.
    • Free to download and use in personal environments for training.
  • Recommended Use:

    • Metasploitable2 is a great starting point for practicing exploitation techniques, especially for those using Metasploit as their primary tool.
    • The machine provides an excellent foundation for beginners to learn and practice the basics of penetration testing.

    Website: https://sourceforge.net/projects/metasploitable/

5. DVWA (Damn Vulnerable Web Application)

DVWA is a PHP/MySQL web application that is intentionally vulnerable to various web-based attacks. It is designed for web application security professionals to practice techniques like SQL injection, Cross-Site Scripting (XSS), and file inclusion vulnerabilities.

  • Key Features:

    • Provides a deliberately insecure web application for practicing web-based penetration testing techniques.
    • Easy setup with configurable security levels to match different skill levels.
    • Covers a variety of web security vulnerabilities, including SQLi, XSS, CSRF, and file upload vulnerabilities.
  • Recommended Use:

    • DVWA is ideal for penetration testers focused on web application security.
    • It is highly recommended for those looking to sharpen their web exploitation skills and learn how to secure common web vulnerabilities.

    Website: https://github.com/ethicalhack3r/DVWA