Course content
Welcome to your personal cyber dojo. This guide will walk you through setting up a fully functional Red Team Home Lab using free or low-cost tools — no fluff, no wasted resources, just hands-on power.
🎯 Why You Need a Lab
A controlled environment is essential for safely practicing exploits, testing offensive tools, and simulating attacks without risking production systems or legal consequences. It's your legal sandbox for learning and refining your craft. hausec
🛠️ What You’ll Get
Step Focus Area
-
Goal Setup Choose your learning path: AD exploitation, phishing, lateral movement, etc.
-
Infrastructure Use VirtualBox, Proxmox, or VMware to deploy Kali (attacker), a Domain Controller, Windows targets, and optional Linux servers.
-
Tool Selection Focus on essentials like Metasploit, BloodHound, Empire, CyberChef, and scripting with PowerShell or Python.
-
Logging & Analytics Set up ELK stack (Elasticsearch, Logstash, Kibana) or Wazuh to capture telemetry and observe behavior.
-
Lab Hygiene Segment your lab network, snapshot VMs, document each step and outcome to build reproducibility and prevent mistakes.
⚙️ Quick Start Tips
- Start small: Even two VMs (a kali attacker and one Windows target) let you test basic attacks.
- Make it realistic: Use AD with service hosts, user accounts, and simulate misconfigurations.
- Track progress: Keep notes and logs so you can reflect on what worked—and what failed.
📂 What’s Next?
- Download a starter lab template with pre-built configs
- Try one attack technique like Kerberoasting or SMB relay
- Send me your request and I’ll script it in CyberChef or Python
🚀 On Deck
Next tutorial will dive into a full walkthrough: Building a Windows AD Domain Controller with metasploit access and logging using ELK/Wazuh, complete with code snippets and command sets.