H20-Jenish/Pentest_Lab

Virtual Pentest Lab

Objective

To build a virtualized environment replicating enterprise network infrastructure, enabling hands-on learning in penetration testing, cybersecurity defence, threat monitoring, and secure system configurations.

Network Layout Overview

The lab consists of multiple zones, including:

  • Active Directory Zone: Centralized authentication using AD Server for internal client machines.
  • Security Zone: Tools like Wazuh, Snort/Suricata and Kali Purple/ELK Server for threat detection and log analysis.
  • DMZ Zone: Windows IIS Server, CentOS and TrueNAS server for hosting web applications.
  • Guest Zone: Controlled access for external devices.
  • Isolated Zone: Dedicated to offensive operations and vulnerability analysis.

Skills Learned

1.0 Network Security Architecture

  • Designed subnets for secure network segmentation.
  • Configured pfSense firewalls with network access control rules between zones.
  • Implemented SPAN ports for traffic mirroring and packet analysis.

2.0 Active Directory Security

  • Managed AD configurations, group policies, and user permissions.
  • Secured authentication with RBAC and OU structures.
  • Audited AD for weak configurations and privilege escalation paths.

3.0 Penetration Testing

  • Conducted vulnerability scans with Nmap and OpenVAS.
  • Performed red-team activities using Kali Linux tools, including Metasploit and Hydra.
  • Exploited vulnerabilities to test defences and lateral movement in AD.

4.0 Threat Detection and Response

  • Configured Wazuh and Elastic Stack for log correlation, intrusion detection, and threat analysis.
  • Analyzed network traffic using Snort and Suricata.
  • Monitored endpoints for malware using SIEM and HIDS tools.
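The segmentation work in 1.0 and the Suricata/Wazuh alert analysis in 4.0 meet in the check below: an added Python example, not code from this repository, that reads Suricata EVE JSON alert lines, maps each endpoint to a lab zone, and flags alerts whose source and destination zones the segmentation policy should have kept apart. The subnet ranges, the allowed-zone table, the signature names and the sample alert lines are all constructed assumptions for illustration, not the lab's actual addressing or rule set.

```python
"""Map Suricata EVE alerts onto lab network zones and flag cross-zone traffic
that the segmentation design should have blocked.

Added example for this README. ZONES, ALLOWED and SAMPLE_EVE are constructed
assumptions, not the lab's real configuration.
"""
import ipaddress
import json
from collections import Counter

# Assumed zone addressing (hypothetical; replace with the lab's real subnets).
ZONES = {
    "AD": ipaddress.ip_network("10.10.10.0/24"),
    "Security": ipaddress.ip_network("10.10.20.0/24"),
    "DMZ": ipaddress.ip_network("10.10.30.0/24"),
    "Guest": ipaddress.ip_network("10.10.40.0/24"),
    "Isolated": ipaddress.ip_network("10.10.50.0/24"),
}

# Assumed segmentation policy as (source zone, destination zone) pairs.
# "*" means the source may reach any zone; intra-zone traffic is always allowed.
ALLOWED = {
    ("Security", "*"),        # monitoring hosts collect from every zone
    ("AD", "DMZ"),            # domain clients may use published services
    ("Guest", "DMZ"),         # guests reach published services only
    # Isolated zone has no cross-zone entry: offensive hosts stay sandboxed.
}


def zone_of(ip: str) -> str:
    """Return the zone name for an IP, or 'External' if it is outside the lab."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "External"


def is_allowed(src_zone: str, dest_zone: str) -> bool:
    """True when the policy permits traffic from src_zone to dest_zone."""
    if src_zone == dest_zone:
        return True
    return (src_zone, "*") in ALLOWED or (src_zone, dest_zone) in ALLOWED


def parse_alerts(lines):
    """Yield EVE records of event_type 'alert'; skip other events and bad JSON."""
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed line, e.g. truncated during log rotation
        if event.get("event_type") == "alert":
            yield event


def analyze(lines):
    """Count alerts per (src_zone, dest_zone) and list policy violations."""
    flows = Counter()
    violations = []
    for event in parse_alerts(lines):
        src_zone, dest_zone = zone_of(event["src_ip"]), zone_of(event["dest_ip"])
        flows[(src_zone, dest_zone)] += 1
        if not is_allowed(src_zone, dest_zone):
            violations.append({
                "timestamp": event["timestamp"],
                "src_ip": event["src_ip"],
                "dest_ip": event["dest_ip"],
                "dest_port": event["dest_port"],
                "src_zone": src_zone,
                "dest_zone": dest_zone,
                "signature": event["alert"]["signature"],
            })
    return flows, violations


# Constructed EVE JSON lines: two cross-zone alerts that violate the policy,
# one permitted monitoring alert, one non-alert flow record, one broken line.
SAMPLE_EVE = [
    '{"timestamp":"2024-01-15T10:01:02.000000+0000","event_type":"alert","src_ip":"10.10.40.23","src_port":51512,"dest_ip":"10.10.10.5","dest_port":445,"proto":"TCP","alert":{"signature":"LAB SMB access to domain controller from guest segment","severity":2}}',
    '{"timestamp":"2024-01-15T10:03:40.000000+0000","event_type":"alert","src_ip":"10.10.50.10","src_port":40022,"dest_ip":"10.10.30.8","dest_port":80,"proto":"TCP","alert":{"signature":"LAB web request from isolated segment","severity":3}}',
    '{"timestamp":"2024-01-15T10:04:11.000000+0000","event_type":"alert","src_ip":"10.10.20.2","src_port":55001,"dest_ip":"10.10.10.5","dest_port":1514,"proto":"TCP","alert":{"signature":"LAB agent check-in","severity":3}}',
    '{"timestamp":"2024-01-15T10:04:12.000000+0000","event_type":"flow","src_ip":"10.10.30.8","src_port":443,"dest_ip":"10.10.40.23","dest_port":51600,"proto":"TCP"}',
    '{"timestamp":"2024-01-15T10:05:00.000000+0000","event_type":"alert","src_ip":"10.10.',
]


if __name__ == "__main__":
    flows, violations = analyze(SAMPLE_EVE)
    for (src, dst), n in sorted(flows.items()):
        print(f"{src:>9} -> {dst:<9} {n} alert(s)")
    for v in violations:
        print(f"VIOLATION {v['timestamp']} {v['src_zone']}->{v['dest_zone']} "
              f"{v['src_ip']} -> {v['dest_ip']}:{v['dest_port']}  {v['signature']}")
```

Run it against a real `eve.json` by replacing `SAMPLE_EVE` with the file's lines; a violation here means either the pfSense rule set does not implement the intended policy or the alerting host (a SPAN-port sensor, for instance) saw traffic the firewall never filtered, which is exactly the gap the SPAN mirroring in 1.0 exists to reveal.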

5.0 Digital Forensics

  • Performed disk and memory forensics using REMnux and FLARE VM.
  • Captured and analyzed packet data for breach investigation with Wireshark.

6.0 System and Network Hardening

  • Hardened servers by disabling unused services and enforcing strict policies.
  • Secured IIS by implementing HTTPS and mitigating web application vulnerabilities.
  • Protected shared storage on TrueNAS with encryption and ACLs.

7.0 File Storage Security

  • Configured TrueNAS for secure file storage, integrated it with Active Directory for user authentication, and applied encryption to protect data at rest and in transit.
  • Established access control with authentication and authorization, and used Wazuh to monitor file storage activity for anomalies or potential threats.
  • Identified and addressed common storage-related risks, such as unauthorized access and data leakage, by applying appropriate security measures.

Network Topology

Ref. 1: Network Layout (detection lab layout diagram)

About

This project is a fully virtualized enterprise-style penetration testing lab designed to simulate real-world network environments for hands-on cybersecurity practice. It integrates offensive security, defensive monitoring, and system hardening within a segmented architecture that includes Active Directory, DMZ, security monitoring, and isolated att
