I have built a Security lab as I need an environment for studying, developing and testing at home.
This has been built around 3 concepts:
1 - It should mix Windows and Linux
2 - Main VMs (Kali Linux for Pentesting, SecOnion for SIEM and Windows Server 2012 R2 for AD)
3 - It should emulate a standard organisation setup.
Thus I have created this baby: https://preview.redd.it/k1jk5lofwj151.jpg?width=1295&format=pjpg&auto=webp&s=7410f834bdc7f000f865e06954f72564efa632f9
Win 7 VM
WIN 7 SP 1 with Rollout update KB3125574; Net Framework 4.0, 4.7 and 4.8; Windows Management Framework 5.1 KB3191566; Windows 7 SDK; Java JDK 7; Java JDK 11; Java JDK 13; VS 2015; Firefox; Chrome; Postman; Wireshark
Windows Server 2012 R2 with KB2919355; 2020 Cumulative Updates; SQL Server 2016 Service Pack 2 with KB4037357 Update 9 2020; SSMS v13 - SQL Management Studio; SSMS v18.5 - SQL Management Studio; Windows Systools; KB3191564 -> WMI 5.1
Win XP SP3 Black Edition 2020.5; Visual Studio Pro 2010 SP 1 KB2736182; Immunity Debugger with Python 2.7 and Mona; Notepad++; Ollydbg; Java JDK 7.8
Firewall: PfSense (Already configured)
Security Monitoring SIEM: Security Onion 16.04 (I need to start checking and validating the logs)
Pentesting: Kali Linux 2019.3 Large with a couple of extra packages (such as nmap pentesting libraries: scapy, scrapy, nmap) and the Firefox/Chrome Extensions (Wappalyzer, User Agent Switcher) and Atom as IDE.
Also, I created an IT Management Policy for Addressing, Hostnames, FW Rules, DHCP, AD Setup, etc.
What do you think?
Positive criticism, ideas, etc. are needed!!!