After completing my eLearnSecurity Certified Professional Penetration Tester v4 (eCPPT) exam I wanted to keep my skills sharp and put my newly gained penetration testing knowledge to the test in a practical lab environment. While visiting the netsecstudents Reddit I found several posts discussing Virtual Hacking Labs.
Virtual Hacking Labs is a young company based in the Netherlands that offers an online vulnerable by design penetration testing lab and accompanying course on penetration testing. They offer several plans to access their lab environment and course materials without breaking the bank. Because of their reasonable pricing and the overall positive comments on the netsecstudents Reddit I thought I’d try them out.
The Virtual Hacking Labs plans (or passes as they call them) are relatively straightforward. You buy a pass that grants you access to their lab and course content for a pre-determined amount of time and off you go. The passes start out at one week, but month, three-month and yearly passes are also available.
The only thing to note while comparing passes is that the weekly pass does not include offline access to the course materials and does not grant you a Certificate of Completion if you complete the twenty-machine lab challenge. If you value offline access to the materials for later reference, or if you want to opt for the Certificate of Completion I recommend going for a pass that includes them.
I opted for the monthly pass which includes everything they have to offer including 31 days of access to the lab environment.
Demo and Purchasing
Virtual Hacking Labs offers a free course sample that you can request before purchase. The sample includes an introduction of what they have to offer, what is included when you buy a pass and includes a subset of the course material to see if you like the course content.
Purchasing your access pass is as simple as selecting one, filling in the required information and account credentials and choosing a payment method. They offer several payment methods including PayPal, Credit Card and iDeal. I used iDeal when making my purchase which made the process a seamless experience.
While the Virtual Hacking Labs website states that memberships will be processed and activated within 24 hours of purchase I received an email with VPN access credentials a few minutes after payment allowing me to access course materials and the lab almost instantly.
A note on pricing before purchase: the Virtual Hacking Labs website lists pricing without tax. Keep this in mind while purchasing the course, as they do add tax on checkout if required by law. Of further note is the price listing in Euros, which is something to keep in mind for non-Europeans who are considering purchasing the course.
The Course Content
The course content is split up into ten chapters, one of which is dedicated to a manual on how to access the practical lab over a VPN connection. This leaves nine chapters of actual penetration testing content that include:
- Penetration Testing Basics
- Information Gathering
- Vulnerability Assessment
- Privilege Escalation
- Web Applications
- Password Attacks
- Networking and Shells
The course itself can be seen as an introductory course and is very beginner friendly. The course does a good job introducing you to the penetration testing process and methodology and is designed in such a way that you can follow along and try the concepts that are explained in the materials on the well-known Metasploitable 2 virtual machine. This machine is available in the Virtual Hacking Labs lab environment so you do not have to go through the hassle of setting up your own.
The use of the Metasploitable 2 virtual machine and the “follow along” approach throughout the course is clever: it solidifies the theoretical concepts that are explained in the course materials and prepares you well for the beginner machines in the lab without spoiling solutions on the other machines.
The Online Course Dashboard
If you purchase a month or longer access pass you can download an offline copy of the course materials in PDF format. For beginners however, it is probably more intuitive to follow the course in its online format. Using the online format allows you to mark chapters as complete making it easy to track your progress.
Marking chapters as complete makes the course progress bar fill up giving you a sense of accomplishment as you work your way through the course materials.
The lab is a shared penetration testing lab, meaning you share a lab with other students that are also taking the course. The lab consists of around thirty-five vulnerable machines with a variety of operating systems. Operating systems include but are not limited to: Windows, Linux, FreeBSD, Nas4Free and even Android.
The lab machines are split up in three categories.
As the name implies beginner machines are meant for beginners, those that just finished the course materials or with some previous experience in the field. Solutions to these machines can often be found within the course content. Beginner machines also have clear hints available in the lab dashboard to push you in the right direction if you are stuck. Furthermore, most beginner machines do not require complex privilege escalation techniques and an initial shell usually results in the highest privileges possible.
The advanced machines offer a bigger challenge. They usually require you to jump through more hoops to gain an initial shell on the machine. As with the beginner machines the lab dashboard offers several cryptic hints on these machines. The hints do a good job pushing you in the right direction without handing you the solution. Compared to their beginner counterparts advanced machines often require privilege escalation techniques to gain the highest level of privileges once you gained an initial foothold.
The advanced+ machines offer the highest challenge in the labs. Unlike the beginner and advanced machines these machines do not contain any hints within the lab dashboard. Gaining an initial shell and the highest levels of privileges on these machines often requires more advanced techniques that are not always covered within the course materials. Compromising these machines often means going beyond the course materials and finding new solutions on your own.
The virtual machine creators did a good job creating and balancing the lab, making sure to include several older but also more modern and up to date operating systems and vulnerabilities. Vulnerable software, bad update practices, weak credentials, configuration errors and poorly written code seem to be the Virtual Hacking Labs mantra. I like this approach as it teaches you what to look for in real world engagements without the fluff some other CTF style labs use to make the challenge harder in an artificial way.
The Online Lab Dashboard
The lab dashboard follows the same approach as the Course Dashboard. On the dashboard you can find the names and IP addresses of lab machines, the machine difficulty and how many students marked the machine as complete. Like the course progress bar, the lab progress bar will fill up if you mark the machines you completed giving you a sense of accomplishment while you work your way through the lab.
Depending on the difficulty of the machine clicking on its name brings you to a page with various hints and links to related course materials to review again if you are stuck. The links to the course materials usually are enough to refresh your memory and get you going again. I highly recommend only using the hints on a machine if you are really stuck. Doing another machine first and coming back later or taking a small break is usually a better solution than using the hints.
- Take your time with the course; you get out of it what you put into it
- Use the Metasploitable 2 machine to follow along with the materials
- Use the course and lab progress bar to keep track of your progress
- Try not to use the hints, referencing the linked course materials usually is enough to push you in the right direction
The Certificate of Completion
To be eligible for the Certificate of Completion you must purchase a pass that grants at least a month of lab access. Furthermore, you must fully compromise at least twenty machines and gain root/system level privileges while documenting your efforts in a penetration test report. The report must conform to certain guidelines that are explained by Virtual Hacking Labs on this page (only accessible for members).
After you finish writing your report you can send an email to Virtual Hacking Labs and request your Certificate of Completion. They will verify your report and, if everything is in order, send you the Certificate of Completion in PDF format by email. For my report I used a heavily modified version of the Offensive Security penetration test report. If you need inspiration there are several other penetration test reports available publicly, they can be found here.
The Certificate of Completion is a nice way to feel like you accomplished something worthwhile just like the course and lab dashboard give you a sense of accomplishment throughout the course. The certificate does not currently hold a lot of value in the market but is a welcome addition to the course nonetheless.
Certificate of Completion Tips
- Make good notes while working on a machine
- Make frequent screenshots during the process
- Make your documentation immediately after compromising a machine
- Save any payload commands you use, you need them for your report
- Do not forget to grab the contents of the key.txt file from a machine
- Do not forget to make a proof screenshot once you gained root/system access
While the course materials will probably not teach you a lot of new techniques if you are a seasoned penetration tester it is a very well designed and practical course for aspiring penetration testers or IT professionals that want to learn more about offensive techniques. A solid background in computer networking, operating systems, and a basic understanding of Python will benefit you while going through the course materials.
The lab offers a good number of vulnerable machines ranging in difficulty, appeasing both beginners and more experienced individuals. What I really like here is the real-world approach in which the lab machines are designed. If you are an aspiring penetration tester or IT professional with an interest in learning offensive techniques I highly recommend Virtual Hacking Labs. The week pass is cheap and allows you to try them out for what is practically as expensive as a night out. I assure you, you will learn something worthwhile and have a lot of fun along the way.