Cybersecurity Tip: Build A Basic Home Lab (1/3)
- Published on Jul 3, 2024
- 💡 What's a Home Lab?: Think of it as your digital workshop, a safe haven to tinker, test, and refine your cybersecurity skills. A Home Lab is a personalized setup where you can build virtual environments, play with cutting-edge tools, and simulate real-world scenarios, all from the comfort of your home. 🏠💡
🔍 The Power of Practical Learning: Theory is essential, but the Home Lab takes you beyond the textbooks. Hands-on learning allows you to grasp complex concepts, fortify your technical abilities, and face cyber challenges head-on! 🧠🔍
Dependency 64-bit: aka.ms/vs/17/release/vc_redis...
Dependency 32-bit: aka.ms/vs/17/release/vc_redis...
Windows ISO Image: www.microsoft.com/en-ca/softw...
🕒 TIMELINE
00:00 - Intro
01:05 - Virtual Box Demo
04:28 - Windows Demo
08:32 - Kali Demo
12:05 - Things to be aware of
I must say this is one of the all-time most important videos for beginners.
Thanks! I was worried about this being too beginner but I remembered we all had to start somewhere!
Are SBC systems ever a good idea? Or is a virtual environment enough?
Glad I stumbled across your channel. I love your enthusiasm, you sound genuine in your efforts to want to help others become SOC analysts. Thank you for the good content.
Thanks for the kind words ❤️ I certainly do want to help those trying to transition / get started!
Insane value as usual
Watched just one video and couldn't stop myself from liking and subscribing. I must say u know the pain of a beginner very well. Hoping to get more lab based videos in future. Thanks a ton!!!
Thank you!! You’ll love the projects I have on the channel!
Always great content! Definitely one of the best cybersecurity YouTubers! Looking forward to more content! Amazing job!
Thanks for your support and kind words! ❤️
love your videos! actually giving beginners into cyber things to try and get experience with and things we can put into a CV.
Happy to hear that! That is the plan, create videos to help people get into cybersecurity. I am glad my content is doing just that. Thanks❤️
That smirk at 0.36 got me laughing ,,,,,🤣🤣🤣
😂 don’t execute malware on domain controllers!!!
Fantastic walkthrough. I wish we had more walkthroughs like this for true beginners. So many get discouraged or feel overwhelmed when the YouTuber expects viewers to just "know" how to do something. Not always the case. Thanks again. Subscribed
Thanks! I appreciate that. ❤️ feel free to take a stab at the projects on my channel when you have some time, should be a fun experience!
Excellent presentation my friend. Thank you
Thank you ❤️
💗 Love your way! 🎉
Thank you!
Great video, thanks!
You're welcome!
Great videos, always. Great content
Thank you for your support ❤️
I am a beginner in cybersecurity field. This is very helpful for the beginner I think.
Awesome! Happy to help
Great stuff!
Thanks!
Thank you so much, you doing such a great work❤
I love it...
Thank you for the kind words - I am glad to help!
Great video, thank you sir!
My pleasure!
Thank you. What a great and informative video. Keep up the good work please.
Thank you!
Love the video. Just starting my career in cyber security and eager to get started on some home lab projects
Awesome! Thanks for watching ❤️
Hey there! Just wanted to drop by and say how much I enjoyed your video. Seriously, it was so informative and well put together. Consider me a new subscriber - I'm hooked! I'm already excited for your next upload. Keep up the great work, looking forward to more! 👌
That is awesome!! I am super happy I could help. Thank you for subscribing and stay tuned for part 2 👀
Great video!
Thanks!
Hello brother, you deserve my appreciation for this video... May the FORCE always be with you..
Thank you so much 😀
I've also used Gnome Boxes and Oracle Virtual Box in my Big Linux OS distro and KDE Neon Plasma from the makers of Smart Plasma (Linux) TV which we called Smart TV. Gnome is so easy to use. Gnome Boxes is so easy for beginners with no experience needed. It even needs no complicated configuration. My episode regarding virtual machine installation and introduction will be public maybe next week as I always set it, and I focus only on GNU/Linux, or simply referred to as Linux. As I use Linux in video & layout editing, lectures, documents, slideshow presentation and so on.
Love it! The one thing I love about our field or well…IT in general is that there are so many different ways to accomplish the same thing. Thanks for your input ❤️
Love your energy and this channel. Your host is toast is a classic…lol😂
Haha thanks for watching!
Very useful for beginners. Thanks a lot..
You are welcome!
there are certain things i just found out for the first time even though I've been using it for a while now . Thanks
Happy to help! Thanks for watching ❤️
Welp, there goes my weekend. 😂 Thanks for the vid!! Appreciate the content!
Haha! Hopefully you’ll have fun building this one, definitely a great way to get started. After that, it will be entirely up to your imagination on what else you can achieve and accomplish.
I’ll be here if you have any questions!
Thank you bro. Well explained + Wonderful presentation and explanation
Thank you! More to come :) the next lab will be a treat for sure.
Stumbled across this video today. I have Sec+ & PenTest+ and am hoping that by watching your videos, I can learn to be proficient in using what I have learned! New subscriber!! Looking forward to your future videos!!
Wonderful! Great job on obtaining your Sec+ & Pentest+ 🙌
Thank you… your explanation is very helpful. Keep on shining brother, you're a star
Thank you for watching ❤️
Thanks bro for this video
Thanks for watching ❤️
Sweet video bro, ima do this when I get home so I can start attacking my other VM for practice.
Awesome! Best of luck and have fun with it 😄
Amazing man I am studying in college and trying to get ahead, this is extremely helpful thank you for your hard work and consistency!
That's awesome to hear! Glad I could help
This is a great video... For the next video, may I suggest you show us how to run both virtual machines, Windows & Kali, and simulate attacks (Blue & Red team simulation)
Love it! Adding that to my to do videos. Thanks for the suggestion ❤️
@@MyDFIR Can you recommend reputable sources where we can download a tightly-secured sandbox? I want to start learning malware analysis and have set up VMs with Kali, SANS SIFT Workstation and other distros. I only have one computer, so I don't want any virus leaking out of the VMs.
Yes
this was extremely informative and easy to understand, thanks bro bro.
Happy to help! Thanks for watching ❤️
Great video! You alluded to proper configuration of your virtual machines. I'm surprised you didn't mention setting up a separate isolated local network for the lab so that whatever you're doing doesn't escape the VM network. Might be a good idea for a second deep dive video. :)
Haha good job catching that! That was actually on purpose😝 I didn't want to make the video super long and you guessed it, I'll be creating a deep dive video on properly configuring the VM for malware analysis which will include setting up a separate local network!
awesome catch!
Man, did you send me down the rabbit hole! I've watched your video on CS projects and decided to make a simple project with Wazuh. Well, Wazuh doesn't support ARM, and since I am on a MacBook I bought an old Dell Optiplex, 6 core, 16gb. And now I'm using this video to set it up; took a week off work, just to install and set up Windows and its updates alone 😂 The rest should be quick. Thanks for the well made tutorial, great channel with huge potential!
Awesome! With Wazuh, you can try and set it up via the cloud if you’re comfortable with that, but now that you have a Windows Machine you should be good to go for any upcoming projects!
"Host is Toast" gave me a good chuckle, thanks
😂😂😂
Great information thanks
Glad it was helpful!
Awesome video, indeed. I think I finally found someone who can thoroughly explain everything. Will you be doing a video on sandbox and how to properly configure it in VMware?
Woohoo! Yup part 2 is coming soon stay tuned 👀 thanks for the support
Thank you, I need this so bad. My classmates have had job interviews; if they don't have a home lab they're denied the job. This will help me
Wonderful, I am happy this will help. Thanks for watching!
Much appreciated! As always
Stumbled upon this vid today... Most Def going to follow and subscribe.... and mote
Awesome! Thanks for the support 🙏
@@MyDFIR How am i to go about being mentored going forward?
4:22 that kali logo and that wording😂😂😂😂😂😂🔥
😂
Great video, I was looking at getting a Pi again or a Wyse terminal from work... but should just do virtual... I'll just have to work out how to make a good sandbox
I know that feeling of so many options! At the end of the day, can’t go wrong with them
Nice Sir :D
Thanks 🙂
Bro this video was informative. I'm currently using the Ubuntu Linux distro and planning on getting into the field as a SOC Cyber-Sec Analyst. Kali, I understand, is the standard in this field and used for cyber-security jobs. Thanks again. I downloaded the video to my local computer for future reference.
Awesome! Glad it helps - Kali is great to use as it has pre-built tools ready to go 😀
@@MyDFIR so currently I have Ubuntu setup. Can I have virtualization setup with the local computer and have a lab arranged that way?
I finally downloaded both virtual machines thanks to you. You are awesome!! Where do I send the money? lol
I am very excited to begin the cybersecurity journey with you. I applied for some entry level cybersecurity jobs, but I know I won't get it because I don't have hands on experience. Because of you I am feeling like I am getting that hands on exposure to cybersecurity. Thank you!
Haha thanks for the support! I am excited for you and good luck on your job hunt - Hopefully my videos can provide you with guidance on where/how to get started.
Very interesting this could better help understand the attacking side
Thanks!
Great video, I would like to know though how to configure the VM for sandboxing.
Sure thing! I’ll create a video on that but one quick & dirty way is make sure your virtual machine has no network connectivity by disabling the vm network card by selecting “Not Attached” - That should keep you safe for *most* malware if you planned on analyzing those. Do note, there are “VM-aware” & “sandbox-escape” malware out there so analyze at your own risk!
Looks like a surefire way to cook my computer.
😂😂
How do you know if the virtual machine is in sandbox mode?
I bought a year's sub to Parallels. I'm a Mac user so I bought Parallels to use Windows 11 to get used to it etc. Can I use that instead of the other applications mentioned? Don't want to waste a year when I'm only a month into it. And great video. Thank you for uploading this. Made a subscriber out of me.
Thanks! I personally haven’t used parallels before but it does seem to have the capability to host virtual machines so I would say using parallels is fine
1 small correction: you don't need a valid licence to install Windows 10. I have several times used the Microsoft media creation tool on an inactivated Windows 10 machine to create a Windows 10 iso and managed to install Windows 10 on about 40 other PCs without incident. The limitations of an inactivated Windows 10 version are very minor.
Thanks for the correction! ❤️ That is good news, utilize the media creation tool to your heart’s content!
Nice video! Can you make a video on how to network in cybersecurity for an entry level position in Canada? Like what forum or group community you can visit. Thanks.
Thanks! I actually have a video here, not sure if this is what you're expecting!
th-cam.com/video/6v_ZsJdnhOw/w-d-xo.html
@@MyDFIR Do you have a discord group?
Would you recommend a laptop or a desktop for a beginner? I currently have an M1 macbook but can't do some of the x86 virtualization stuff on it.
I would say whichever is cheaper. In my opinion, since I like to move around a lot, I went with a laptop that is capable of hosting multiple virtual machines but I also have a beefy server as well. However, I know some folks are not in the position to do that which goes back to my "whichever is cheaper".
An alternative is to use the cloud. I believe you get free credits in Azure (200$) when you first sign up to test and play around.
Hope that helps!
Please explain, is a SOC job doable as an entry level position? And what are some entry level positions to get, skipping the help desk?
It can be but if you do skip the helpdesk just make sure you have some IT knowledge. I’ve created a video of entry level roles on my channel
Your videos are toooo goood!!!! 🥺😭 Could you please suggest network configurations for my VM (Virtual Box)? I thought of doing PDF-embedded JavaScript malware analysis (fileless & file based). Which one would be a better choice: Remnux, FlareVM, or Malwarejail Sandbox?
please help me
They are all good :) I usually use Remnux for static analysis and FlareVM for dynamic
On 12:06 you mention the importance of configuring the VM correctly as a sandbox environment - do you have a video that covers that? - thx!
No specific video but make sure your network adapter is set to internal/host only or not attached when executing suspicious files and disconnect any shared folders attached to the VM.
Essentially you want to limit connectivity to your home network and PC as much as possible.
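Added example, not part of the video or the comments: a shell check for the two settings named in the reply above (and in the earlier "Not Attached" reply), the network adapter mode and shared folders. It reads the output of `VBoxManage showvminfo <vm> --machinereadable`; the sample inputs and the VM name `win10-lab` are constructed.

```shell
#!/usr/bin/env bash
# Added example. Flags VirtualBox VM settings that go against the isolation advice:
#   - a NIC attached as anything other than none / intnet / hostonly
#   - any shared folder mapped into the guest
# Input:  output of `VBoxManage showvminfo <vm> --machinereadable` on stdin.
# Output: one finding per line. Exit status 0 = clean, 1 = findings.
audit_vm_isolation() {
  awk -F= '
    /^nic[0-9]+=/ {                       # nicN lines only, not nictypeN etc.
      mode = $2; gsub(/"/, "", mode)
      if (mode != "none" && mode != "intnet" && mode != "hostonly") {
        printf "NIC %s attached as %s\n", substr($1, 4), mode
        bad++
      }
    }
    /^SharedFolderName(Machine|Transient)Mapping[0-9]+=/ {
      name = $2; gsub(/"/, "", name)
      printf "shared folder mapped: %s\n", name
      bad++
    }
    END { exit (bad > 0) }
  '
}

# Constructed sample: NAT adapter still attached and a host folder shared.
SAMPLE_RISKY='name="win10-lab"
nic1="nat"
nictype1="82540EM"
nic2="hostonly"
nic3="none"
SharedFolderNameMachineMapping1="downloads"
SharedFolderPathMachineMapping1="/home/user/Downloads"'

# Constructed sample: internal network only, no shared folders.
SAMPLE_ISOLATED='name="win10-lab"
nic1="intnet"
intnet1="malware-lab"
nic2="none"'

# Demo on the constructed samples (|| true: findings give a non-zero status).
printf '%s\n' "$SAMPLE_RISKY" | audit_vm_isolation || true
printf '%s\n' "$SAMPLE_ISOLATED" | audit_vm_isolation || true

# Live use on a real VM (VM name is a placeholder):
#   VBoxManage showvminfo "win10-lab" --machinereadable | audit_vm_isolation
```

Host-only is accepted here because the reply lists it, but a host-only adapter still gives the guest a path to the host itself; "Not Attached" (`none`) is the strictest of the three.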
Cool, thanks a lot! @@MyDFIR
👍👍👍👍👍👍👍👍👍👍👍👍👍👍👍👍👍👍
Hey, thanks for the valuable content!
Can we set up the Windows 10 environment shown in the above video in virtual box on Macs with Apple silicon?
Will it run without any issues (because it's not Intel based Mac)?
Thanks!
Unfortunately with Apple silicon you will experience some issues but if you use Parallels, it MIGHT work. As an alternative, you could try using the cloud.
Thanks for the quick response! Do you have any tutorial on how to use the cloud for this purpose? @@MyDFIR
i have 2 questions:
1. some time back i downloaded the kali iso, but for bare metal. then download VMware & ran it on the virtual machine. is there any disadvantage of running the iso made for bare metal on a VM? or could it be run as both?
2. by snapshot do you basically mean a system restore point? and does this restore point remove all the viruses as well? from what i know it just restores the boot drive back in time? what if the malware or whatever infects other drives too?
Great questions all around.
1. The difference is between the types of hypervisors. Bare metal == Type 1, which will utilize every resource that is available to you. If you have VMWare and created a virtual machine utilizing that, it would then be Type-2, which will still utilize resources but they will be shared with the HOST OS. So the only difference would be resource utilization, and if it's just labs it shouldn’t matter too much.
2. You can think of snapshot as a system restore point. In other words think of restoring a snapshot as tearing down your virtual machine and restoring it back to the last snapshot you took, so yes it should remove all the viruses ON that virtual machine.
If malware infects other drives and those drives are connected on the same network on different machines then that is not a fun day.
@@MyDFIR thank you sir. explained really well. i hope your channel grows big, you're doing good work for people trying to get into the infosec workforce
Awesome video, super helpful. When trying to make the snapshot, I get an error stating it could not open the medium. VERR_FILE_NOT_FOUND. Would you know how to solve this issue?
Did you happen to move your VM to another location? Might need to rebuild it if anything
@@MyDFIR I downloaded virtual box previously and had some VM on there, so i followed your instructions after that process since it’s been a while. By rebuild do you mean I should delete the windows OS VM and make it again, or uninstall and reinstall virtual box as a whole?
Hey dfir, can i use these videos for my club’s education workshops? We’ll be doing demonstrations physically. But the principles will be from the video. Is that okay?
Absolutely! Please do, I am happy my videos help.
Hey! I know I am a little late to the party but when I am trying to start the Kali VM after importing it into Virtual Box nothing opens up, it just keeps saying error VERR_FILE_NOT_FOUND. I got the first VM to open and run normally but can't get Kali to work, any thoughts?
Hm you might have installed the wrong kali or it may have been corrupted during the download, try downloading it again and be sure to select VirtualBox (if you are using that)
Can you make this video buy on Mac please
I personally do not have a Mac yet but once I do, I'll look into it. It may be a bit more difficult due to different architecture builds.
Can you make a video in which you show us how to configure the virtual machine so we don't get infected with malwares?
Yup currently in the works, should be out soon! Stay tuned 😃
@@MyDFIR Thanks 🙏
Quick question, is proxmox suitable for a similar cybersecurity lab? I run a proxmox server that is essentially running nothing at the moment. I wasn't sure if other hypervisors were better for any specific reason
You can definitely use proxmox! Some prefer it over ESXI, honestly whichever suits you.
@@MyDFIR Thank you for the quick response. I’m a few months into my first helpdesk job and they are having me learn cybersecurity to take on that role in the company. I finally had some change laying around to get a proxmox server up and running and I figure i’ll put it to use. Your quick response is going to keep me as a long time watcher!
That is awesome! Good for you 🙌 feel free to ask questions, I'll be happy to try and help.
Where do I find the Windows logging software (Splunk etc,)?
Great question, you can head over to their site to download Splunk; however, you will be required to sign up for an account. I've created a video with a step by step walkthrough if you get stuck. Let me know if you have any questions!
I have Windows 11 do I need Windows 10 for the lab?
Windows 11 should work, I personally haven’t tried yet.
I had an issue bro... While installing Windows in the VM, I was getting something like "Windows can't be installed on drive 0 partition". Is there any solution?
You can try to add another hard drive for your VM and try again
Do all the downloads including windows installer work on macs?
Depends if you have M1/2, they tend to not play nice but if you have Intel chips they *should* be ok
Thanks, I'll give it a try @@MyDFIR
Wait.... did you say that I will need a license for the Windows OS? I didn't see anywhere that you used one!
Apparently you no longer need one. Previously you would be required to have a licensed Windows machine to create an ISO image which is what I was referring to.
@@MyDFIR I was cringing the entire time I was installing Windows in my VB. It took forever compared to all the Linux versions I have installed!
Gotta love Windows! Haha 😂
I tried installing Kali Linux on Virtual Box. But when I boot the OS, I get a warning "spectre v2 mitigation leaves cpu vulnerable to retbleed attacks, data leaks possible". Is this a serious issue?
Does that happen only for kali? Or does that error happen for any VM? In short, you may experience data leak from a vm to your host. Is it serious? Depends on what you do. If malware analysis perhaps, but if just testing tools, you’ll be fine.
@@MyDFIR The same error came for Debian installation. I am just a beginner. So I will only be doing the basics now. Hope that won't cause a leak.
Nice video, but you didn't tell us how to properly configure our vm so our "host is toast" 😂 sorry, NOT TOAST 😂 😂 😂
😂 i do provide some information in part 2 of the lab. At the end of the day, depending on what you’re doing, internal network/host adapter is a pretty good choice
I don't know the issue but the password is not working for me
Caps lock on?
Yes this is important, but no, it's not necessarily going to make you stand out on its own anymore. Most people are aware of labs and projects if they watch any cyber channel on YT.
Couldn’t agree more! It will make you “stand out” if it is applied, there are a lot of people who say but don’t do if that makes sense and it shows.
Labs & Blogs folks!
@@MyDFIR I agree completely. I think homelabs are necessary for practice, and not using them can make you stand out-in a bad way!
You should looksmax
One of the realest blue teamer out here no BS only good stuffs. Mucho gracias 🙏🏿
Appreciate that! Thanks for watching 😃