question

J3zA-4431 avatar image
0 Votes"
J3zA-4431 asked ·

Creating a pentest lab, importing existing VMs

Hi everyone,

I need some help with creating my first pentest lab. I'm currently studying for the CEH certifications and i want to practice my skills so i decided to go with a cloud solutions instead of building a home lab.

I want my pentest lab to include the following machines:

  • windows server 2019 (AD)

  • kali linux

  • metasploitable

  • owaspbwa

  • windows 8.1

  1. What will be the best azure solution for me (lab services or just create a few VMs) how much will it cost using a normal configuration 2vcpu and 4-8 GB of RAM?

  2. How can i add the images that doesn't exist in the store and how much will it cost?

  3. I live in Israel , what region should i choose?

azure-active-directoryazure-virtual-machines
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

shashishailaj avatar image
1 Vote"
shashishailaj answered ·

Hello @J3zA-4431 ,

Let me answer your question one by one.

  • What will be the best azure solution for me (lab services or just create a few VMs) ?

You should use Azure DevTest labs. Lab services are better suited for a teacher/student scenario where mostly you require one type of machine to be given to all the students/participants . If multiple VM are required for lab then you can create a nested VM scenario where you still get a new Virtual instance of a Windows Server and HyperV is enabled on the server and then we have multiple VMs created within that HyperV instance. So essentially , we have one virtual machine instance (with a high resource config 8vCpu / 16GB RAM etc.) which acts as a HyperV host for all other VMs and this is distributed to all students as the lab machine.

In your case , I would suggest to use DevTest Labs to create multiple VMs as per the requirement you have suggested. However the Dev test lab benefits apply to three types of Dev/test subscription offers only. - MSDN subscription using credit . - EA Dev/Test - Pay as you go Dev/Test

If you have a normal Azure Subscription , you may not get the devtest low pricing benefit . You have 5 machines and if I do rough caculation by the pricing calculator with 2vcpu and 4-8GB ram within West US region running for 10 hours daily for practice , it would cost you around $150 - $200 in devtest labs. The cost can further be minimized as per your requirement and usage as you may not need to have all VMs runnig for all pentest scenarios.

  • How much will it cost using a normal configuration 2vcpu and 4-8 GB of RAM? How can i add the images that doesn't exist in the store and how much will it cost ?.

If you have some images that you would like to use , then you can create a Shared Image Gallery . or just upload a VHD of an image that you have locally created using the HyperV on your win 10 machine. Else you can use marketplace images to create a machine and then use the capture option on the machine to capture a generalized image. It will depend on the size of VMs and how frequently do they get accessed from the storage account. This should not be a huge charge but giving an exact calculation is difficult as it majorly depends on how you use the VMs.

  • I live in Israel , what region should i choose?

Honestly , the region should not matter in your case but you can choose any one in europe or maybe France Central . I would suggest to create one single resource group and club all your dev test lab resource and other stuff within the same lab. start with creating a storage account and collecting the images within the storage account and either creating a shared image gallery or directly using the image within the devtest lab to deploy machines.

Also One of the most important things specific to your scenario would be to review the penetration testing guidelines . In your case , as long as you are trying to just learn within your own environment and not trying to find a vulnerability in azure , you should be good as long are you follow MS Pentesting rules of engagement and fill up the pen testing service request form. I would suggest that it would be a good idea to review the following and fill the pen testing notification form before proceeding ahead.

Hope the above answers your queries , In case you still have any residual questions , please do let us know and we will be happy to help . If the information within this post is useful , please do accept this as answer so that its helpful to others searching for similar queries.

Thank you.

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.