Home Lab Setup

Let’s make a home lab!

If you want to get into cybersecurity, nothing is more essential than collecting as many certifications as you can.

I’m joking of course. There is value in studying for certifications and taking exams, however, it only proves that you can regurgitate information. I would highly advise getting practical, hands-on experience to differentiate yourself from the crowd and become valuable to an organization. Often attributed to Confucius, I strongly believe in the quote: “I hear and I forget. I see and I remember. I do and I understand."

My objective with this blog is to teach as much as I learn, and hopefully help out somebody else that has struggled with similar topics that I have. Throughout this journey, I hope to cover practical skills, theoretical knowledge, and cool sh*t happening in the cyber realm. Let’s dive in.

First you will need to install some form of virtualization software to create your lab. This allows you to run multiple operating systems on your one (1) computer through the creation of Virtual Machines (VMs). The most popular virtualization softwares are VirtualBox, VMware, UTM, and parallels.

Normally, I am a fan of VirtualBox, but since I am working on a Mac today and its performance on Apple Silicon chips is experimental and limited, we will be switching to UTM.

📦0. Download UTM

• Visit: https://mac.getutm.app/

• Click download and install the .dmg file

🛠1. Lab Architecture

For this lab we will be running a Windows 11 VM and a Kali Linux VM. Kali Linux is the most widely used flavor of Linux for hacking due to the preinstalled tools and configs. People can argue about how Parrot OS or some other flavor beats Kali, but regardless it is a great playground where you can upskill from beginner to advanced topics.

The theory behind the lab design can be see below.

🧰 2. VM Installation and Configuration

Next we will be installing a Kali Linux ISO file and Windows 11 ISO file. In accordance with system requirements, we need ARM64 ISO file architecture.You may find these files at the following locations:

• Kali: https://www.kali.org/get-kali/#kali-platforms

• Windows:https://www.microsoft.com/en-us/software-download/windows11arm64

2.1. Image Creation

Now it is time to configure the images.

• Click Create a New Virtual Machine

• Choose Virtualize > Linux

• Use the ARM64 Kali ISO file you downloaded

• Set (should default to acceptable figures):

  • RAM: at least 2 GB

  • CPU Cores: at least 2

  • Disk Size: 20 GB+

• Finish setup and start the VM

• Repeat the same process for the Windows 11 VM

2.2. Image configuration

After booting from the ISO file, follow the on-screen instructions to configure the image.

The default login for Kali machines is ‘kali/kali’. After logging in, run the following command to ensure the VM is up to date.

• sudo apt update && sudo apt upgrade

There is no default login for the Windows machine and a username/password will need to be created.

Once all steps are complete, we are ready to get to the fun part!

🛰️ 3. Connecting the machines

We want to create a closed network, where only these two machines are operating on it. We have two options here:

Option 1: Internal Network (most isolated)

• VMs talk to each other, but not to the internet.

• Safer for exploit testing

Option 2: Host-Only Network

• VMs talk to each other and your Mac

• Still not connected to the internet

For this initial setup, we are choosing option 2. To do this we need to shut both down and enter into each of the VM’s settings and change the following configuration.

• Select Network

• Select Network Mode: Host Only

• Save and start them back up

3.1 Confirm Connection with a Ping

Run the following command from your Windows VM:

• ipconfig (this provides you with your IP address)

Run one of the following commands on your Linux machine:

• ip a OR ifconfig

Now that we have the IP addresses of both machines, we can make them talk.

We will start out with running the ping command. This sends an ICMP echo request to the other machine and waits for a reply. This tests for basic connectivity.

To visualize what is happening in more depth we can fire up Wireshark on our Kali machine and select:

• Start capturing packets

If you are not able to run Wireshark as the current user, you will need to reconfigure Wireshark and add permissions for your username. This can be done with the following two commands:

• sudo dpkg-reconfigure wireshark-common

• Select ‘yes’ to allow non-root users

• sudo user mod -a -G wireshark <user> (kali for the sake of this lab)

🚀 Congrats you have now setup two VMs on your host that can interact with one another! 🚀

🚀 In the next step we will dive into setting up tools and get into some reconnaissance! 🚀