Creating Your Own Cybersecurity Lab: A Step-by-Step Guide
Setting Up Your Cybersecurity Testing Environment
When discussing entry points into the field of cybersecurity, the importance of hands-on practice is frequently highlighted. Many experts advocate for creating a personal setup at home. This article serves as a guide for those outside the tech world who wish to understand what a home lab entails, providing detailed instructions for establishing a virtual environment that will aid newcomers on their cybersecurity journey.
A popular avenue into cybersecurity is through penetration testing, often the first career people think of when they hear the term "hacking." This guide will assist you in creating a testing environment where you can explore tools used by penetration testers, including Parrot OS and Kali. Recently, there has been a cultural shift, with more individuals turning to platforms such as Hack The Box and TryHackMe as entry points into penetration testing. However, having your own home environment allows for greater control and learning opportunities.
Requirements
- A laptop or PC — I recommend a MacBook with at least 16GB of RAM (a minimum of 8GB is essential).
- Optional — A Raspberry Pi running Raspbian.
- Oracle VirtualBox or VMware Fusion.
Importance of RAM in Your Setup
Virtual Machines (VMs) are defined by Microsoft as:
A virtual machine is a computer file, typically called an image, that behaves like an actual computer. In essence, it creates a computer within your existing computer.
A VM needs resources to run: storage, RAM, and processing power. If your laptop has 4GB of RAM and you run three VMs with 1GB each, only 1GB is left for the laptop itself, which can lead to performance issues.
A crucial tip for beginners is to thoroughly review your settings multiple times to understand the capabilities and limitations of the machine you're configuring. This foundational knowledge will be beneficial when transitioning to cloud deployments using GCP, AWS, or Azure. Familiarizing yourself with tools like VirtualBox and VMware will help you understand virtual networking and ensure your VMs can communicate effectively. If you're interested in malware and sandboxing, building your own environment is a great starting point.
Choosing Your Operating System
In this guide, we will install Parrot Security OS, although the instructions are applicable if you opt for Kali as well.
Parrot OS is a Debian-based GNU/Linux distribution designed with a focus on security, privacy, and development. If you're a first-time Linux user or lack confidence in using Linux, Parrot OS offers a user-friendly experience that resembles various other operating systems.
To download Parrot OS, install Oracle VirtualBox or VMware first. Then, you can download the ISO image from the official website of your chosen operating system.
Parrot OS Download Link
For this tutorial, we will specifically download the Parrot Security MATE ISO, as it comes equipped with the necessary tools.
Remember the days of inserting a CD to install an operating system? An ISO file serves a similar purpose. In VMware, you can simply drag the ISO file into the program, and it will recognize the operating system and set up the system.
From the screenshot, I've allocated 1 CPU core and 4GB of RAM to the VM, leaving 12GB available for my laptop. Initially, the VM was set to 2GB of RAM and 2 cores, which would have made it unstable by affecting the host machine's performance. Since I plan to run two VMs—one for active tasks and another for testing—it's essential to manage memory resources carefully.
I've allocated 16GB of storage to the VM, which will consume some of my laptop's storage space. If your laptop is nearly full, you may encounter issues running VMs. While I could have assigned 6GB, I prefer to avoid potential storage complications that can arise from resizing and reallocating storage later.
Once logged in, you will find the penetration testing menu, as shown in the above screenshot. I chose Parrot OS over Kali for this tutorial because it organizes industry-standard tools into clear categories. As you begin tutorials on database exploitation, you'll readily see the tools at your disposal. Mastering these tools requires consistent practice and learning from mistakes, so always check the documentation and look for guides on YouTube.
What Next After Installation?
With your home deployment set up, it's wise to have it connected to your network, ensuring that you're aware of the devices present. If you're in the UK, the Computer Misuse Act 1990 is enforceable, and engaging in unauthorized cyber activities can lead to prosecution. It’s prudent to create another virtual machine with a standard OS, such as Windows or another Linux variant. I will be utilizing my already set-up Raspberry Pi.
Alternative operating systems suitable for VM testing include:
- Ubuntu
- Linux Mint
Exploring Your Network
Nmap, or Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators utilize Nmap to identify devices on their systems, discovering available hosts, services offered, open ports, and potential security threats.
How to Scan Your Entire Network
Open a terminal session in your Parrot OS VM and run the following command to scan every address in the specified subnet and identify which hosts are active.
If you're unfamiliar with Nmap, I recommend consulting a cheat sheet or the documentation.
nmap -sP 192.168.0.101/24
Output:
The results indicate that there are currently six devices connected to my network, along with their respective addresses. It also identified a Raspberry Pi with the host address 192.168.0.37. The other devices are likely my phone and various other gadgets connected to the router. Further probes can now be run to explore these devices.
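To turn the ping scan into a repeatable check of which devices are on your network, the following added example (not from the original article) filters nmap's grepable output against a list of devices you already recognise. It assumes you run the scan with -sn (the current name for -sP) and -oG -; the function names, the baseline file format and every sample address other than 192.168.0.37 and 192.168.0.101 are assumptions.

```shell
#!/bin/sh
# Added example: report live hosts that are missing from a known-device list.
# Real use: nmap -sn -oG - 192.168.0.101/24 | unknown_hosts known.txt

# Constructed sample of grepable (-oG) ping-scan output: six hosts up.
# Only 192.168.0.37 (the Pi) and 192.168.0.101 appear in the article;
# 192.168.0.101 is assumed here to be the Parrot VM.
sample_scan() {
    printf '# Nmap scan (constructed sample)\n'
    printf 'Host: %s ()\tStatus: Up\n' \
        192.168.0.1 192.168.0.12 192.168.0.23 \
        192.168.0.37 192.168.0.45 192.168.0.101
}

# unknown_hosts BASELINE: read -oG output on stdin, print each "Up" address
# that is not listed in BASELINE (one IP per line, '#' starts a comment).
# A missing baseline file means every live host is reported.
unknown_hosts() {
    awk -v base="$1" '
        BEGIN {
            while ((getline line < base) > 0) {
                sub(/#.*/, "", line)        # drop trailing comment
                gsub(/[ \t]/, "", line)     # drop padding
                if (line != "") known[line] = 1
            }
        }
        $1 == "Host:" && $4 == "Status:" && $5 == "Up" && !($2 in known) {
            print $2
        }
    '
}

# Demo: the Pi and the Parrot VM are known; the other four need identifying.
demo_inventory() {
    baseline=$(mktemp)
    printf '%s\n' '192.168.0.37   # Raspberry Pi' \
                  '192.168.0.101  # Parrot VM' > "$baseline"
    sample_scan | unknown_hosts "$baseline"
    rm -f "$baseline"
}

demo_inventory
```

Run it on a schedule and compare the output over time: an address that appears without a matching entry in the baseline is a device to identify before anything else.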
Full Scan Instructions
Since this is my environment, the following scan will be quite noticeable (easily detected by vigilant system administrators even with minimal monitoring). Therefore, it should only be used for testing purposes to gather comprehensive results.
nmap -sT -p- -A -sC -vv -n -Pn 192.168.0.XX
Output:
This is not the complete output, but from the initial scan, we can observe that it first checks for open ports on this host.
Common ports such as 22 (SSH) and 80 (HTTP) are open. If I were an attacker using Parrot, I would be looking for brute force tools and methods related to HTTP to find a potential entry point. I've also noticed an unusual port number, 19999, which requires further investigation.
Fortunately, a comprehensive scan does much of the legwork for us. Regarding the rogue port operating on 19999:
The scan returned a 400 code, indicating the type of web service running. This is classified as an information leak, as it reveals that a service allowing credentials is running—specifically, the NetData Embedded HTTP Server. It also disclosed that it runs on v1.21, enabling me to focus on identifying any vulnerabilities associated with this software version and exploring potential exploits. This is one of the advantages of having such tools available in your own environment.
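The same finding can be made routine on your own hosts: this added example (not part of the original article) checks a full scan's grepable output against the ports you expect to be open and flags any service that discloses a version. The function names and the allowlist are hypothetical, and the sample line is constructed from the ports and NetData banner described above.

```shell
#!/bin/sh
# Added example: compare a host's open ports with an allowlist and report
# services whose banner reveals a product or version string.
# Real use: add "-oG -" to the full scan above and pipe it to audit_ports.

# Constructed sample of one grepable (-oG) result line. Ports 22, 80 and
# 19999 and the NetData v1.21 banner come from the article; the exact field
# contents are an assumption about how nmap would print them.
sample_full_scan() {
    printf 'Host: %s ()\tPorts: %s\tIgnored State: closed (65532)\n' \
        '192.168.0.XX' \
        '22/open/tcp//ssh///, 80/open/tcp//http///, 19999/open/tcp//http//NetData Embedded HTTP Server v1.21/'
}

# audit_ports "PORT PORT ...": read -oG output on stdin and print one line
# per finding: an open port outside the allowlist, or a disclosed version.
audit_ports() {
    awk -F'\t' -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            host = $1; sub(/^Host: /, "", host); sub(/ .*/, "", host)
            for (f = 2; f <= NF; f++) {
                if ($f !~ /^Ports: /) continue
                m = split(substr($f, 8), entry, ", ")
                for (j = 1; j <= m; j++) {
                    # port/state/protocol/owner/service/rpcinfo/version/
                    split(entry[j], p, "/")
                    if (p[2] != "open") continue
                    id = p[1] "/" p[3]
                    if (!(p[1] in ok)) print host, id, "UNEXPECTED"
                    if (p[7] != "")    print host, id, "VERSION-DISCLOSED:", p[7]
                }
            }
        }
    '
}

# Demo: SSH and HTTP are expected on this host, anything else needs explaining.
sample_full_scan | audit_ports "22 80"
```

An UNEXPECTED line means a service to either shut down or add to the allowlist deliberately; a VERSION-DISCLOSED line means the banner should be suppressed or the service kept patched, since the version is visible to anyone on the network.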
With this information, I can decide on my next steps. Should I attempt a brute force SSH attack? Or perhaps I could run a variety of automated attacks to see what succeeds in gaining access? Sometimes, it might be as straightforward as executing DDoS attacks on the Raspberry Pi to disconnect it from the network. However, this scenario highlights how simple it is for attackers to scan, map networks, and initiate attacks, underscoring the importance of being cautious about connecting to every public Wi-Fi network in airports and hotels.
It's essential to recognize that tools like Kali and Parrot OS are accessible to anyone. By running an Nmap scan, I've discovered a machine on my network, identified active services, and now have a suite of tools at my disposal for running exploits. As cybersecurity professionals, understanding how attacks are conducted is critical for developing effective defenses. Creating an environment like this is an excellent way to learn how to counteract potential threats. Even if your career doesn't lead you toward penetration testing, being comfortable deploying VMs and using foundational tools will enhance your knowledge. Whether your focus is cyber policy, log analysis, or auditing, understanding the attackers' perspective is invaluable.
To further assist you on your journey, here's a tutorial focused on hacking a Raspberry Pi using Parrot OS by YouTuber Novaspirit Tech.
Lastly, during these challenging times, I recommend staying informed on cyber issues by tuning into one of my favorite podcasts, The CyberWire!
By Stephen Chapendama