The objective of my DIY home lab is gain hands-on experience configuring an isolated, virtual test environment using Oracle Virtual Box running several virtual machines. I am gaining hands-on experience installing, configuring, testing and executing :

1. vulnerability scans

2. monitoring and collecting suspicious activity

3. perform deep packet inspection 

4. implement defenses and hardening 

5. perform penetration testing

6. perform threat profiling

7. vulnerability assessment: use nMap to scan a network, then OpenVAS or NESSUS to find and report vulnerabilities.

Phase 1 - simple flat network with the following configuration:

• pfSense firewall

• KALI Linus client

• Security Onion

• Elastic Stack (SIEM)

• Suricata (IDS/IPS)

• ZEEK

• Wazuh (SIEM XDR)

• Wireshark, TCPDump

• Windows 2022 Server

  • Defender

  • DHCP

  • Active Directory

  • Domain Services

Phase 2 - segmented network (public, private, DMZ, OT)

• multiple firewalls

• Metasploit

• UBUNTU server

• OT/IOT sensors

Lab diagram courtesy of Cyber Range (skool)