Cyber Security

How To Build A Virtual Lab to Hack Computers Legally

March 30, 2016

Bita Beigishah

For those who want to learn about computer hacking or improve their skills, the proper learning environment is important. As most of us know, hacking into a computer or network without authorization is a serious crime.

Practice hacking without putting your future career in jeopardy by setting up a home penetration testing lab. You might assume that this is an expensive thing to build, but there are tricks to cut costs through virtualization. Learn how to build a virtual lab to practice hacking safely and legally.

Test Your Hacking Skills with Our CEH Quiz

As an aspiring ethical hacker and pen tester, you should become capable of building virtual and physical labs to for practice. Studends in CEH or ECSA must learn to apply the same methods for practicing.

Before moving forward, read this warning regarding the penalties for computer hacking. Let the legal repercussions sink in.

Why You Should Use Virtualization for Pen Testing – It’s Cheap

Are you familiar with emulators? These are the things you can download on your smart phone or PC to play old Nintendo games.

Virtual Machines (VMs) are a similar concept with noticeable differences. Virtualization is a fantastic way to set up a pen testing lab because it is cheap. You can set up a lab with VirtualBox and Linux variants without spending a dime, but that’s assuming you’re PC is up to specifications.

Hardware Recommendations for Virtual Labs:

  • A CPU that supports virtualization (Intel-VT, AMD-V)
  • 8GB RAM minimum
  • 1TB+ of hard disk space
  • A second monitor

Personally I run 8GB of RAM, 1TB Hybrid disk drive, and an AMD FX-6300; and it suits my needs just fine. We all wish for more RAM. The more powerful the host machine is, the more virtual machines you can run simultaneously.

Modern operating systems take up quite a bit of RAM to function. If you’re reading this on a Windows machine, press the following keys: ctrl+shift+esc. Now click on the tab to view performance and look at your current RAM usage. Linux (bash) users can type free -m into the terminal. This should give you an idea of how important it is to have a lot of RAM if you intend to run multiple virtual machines.

How to Build a Virtual Lab with Free Software

You need a hypervisor and operating systems to start. Here are free software distributions:


Linux Operating Systems


Add in Windows systems if you have a key for them. Mac operating systems are only allowed to run on Apple hardware. There are of course ways around this, but that’s illegal.

How to Set Up VirtualBox

Once you’ve got VirtualBox installed with a few operating systems up and running, it’s time to configure your network layout. On the right side pane of VirtualBox, you will see all kinds of configuration options. Click on networking and take a look at modificaiton options. Specifically, look at the following:

  • NAT: This creates a virtual router with DHCP and DNS while allowing communication between the virtual PCs on the network to your physical router and then to the Internet. This makes it less likely for anything in the virtual network to damage a physical machine, but enables you to connect to the Internet.
  • Bridged: This allows each virtual machine to connect to the LAN as if it were its own system. You can potentially damage your physical network if you don’t know what you’re doing (and even if you do). This could be used to test physical network security.
  • Internal: This allows each virtual machine to communicate internally, but there is absolutely no connection to anything outside of your PC. There is no communication with the host operating system.

Those settings handle basic configuration. If you want to simulate virtual routers, then that’s where pfsense comes in. It’s a little intimidating to newbies. If you get lost, follow this video.

Once you’re finished, open a virtual operating system that is set to the same internal adapter as pfSense and type in the LAN IP you configured earlier to access the graphical configuration page for pfSense. You can also configure Ubuntu Server as a router.

Physical Labs May Provide a Better Learning Experience

While virtual labs are awesome, there are still some advantages to building a physical lab. One particular benefit that a virtual lab cannot offer is wireless networking. If you want to experiment with WiFi hacks, you need a wireless access point. Physical labs gives you not only the opportunity to work with software, but you learn about setting up and troubleshooting hardware.

Hybrid Labs Enhance Your Networking Skills Too

You can create a hybrid network by combining physical and virtual network devices and infrastructure. There are several unique hacking approaches to use with hybrid labs. You can build a virtual target network on a desktop and attack it from a separate device. Also, you may want to simulate a complex network, but don’t quite have as many machines as you’d like. Mixing these two approaches for a hacking lab is a fantastic way to build and hone your skills as a hacker and a network technician.

Why it’s Imperative to Create a Safe Place For Hacking

Aside from legal issues, the best reason to hack in a virtual environment is security. Not only do you want to keep your own devices safe, but think about your neighbors, friends, and family. It’s easy to do serious damage while experimenting. Properly configured virtual labs keep hacking experiments contained.

Imagine you set up a wireless LAN for a test network with WEP encryption. Now suppose your neighbor’s kid thinks their slick and uses one of the many tutorials out there to gain access to your hacking lab. If you were doing something like a “Hail Mary” in Armitage and didn’t notice the new IP in your scan, (first of all why aren’t you looking at what’s in your scan…) you could easily destroy that kid’s computer.

He had it coming, right? You could potentially get in trouble for that! Inspect your setup regularly to make sure that you aren’t putting anyone at risk. Now go set up your virtual lab and start hacking.

subscribe by email

Stay Ahead

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.