Vulnerable VM's similar to OSCP Labs?

towentumtowentum Member Posts: 41 ■■□□□□□□□□
in Other Security Certifications
Does anyone know of any Vulnerable VM's similar to the OSCP lab machines? I'm looking to get some practice in before I **** money on the lab time and exam. I know I can get 90 days of lab time, but I'm not exactly comfortable enough yet to pay that kind of money.
· Share on FacebookShare on Twitter

Comments

  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    https://www.vulnhub.com/

    You're welcome icon_cool.gif
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
    · Share on FacebookShare on Twitter
  • towentumtowentum Member Posts: 41 ■■□□□□□□□□
    My problem with these is a lot of them don't seem very realistic. Sure, helps me practice and I like it but I'm looking for more real world scenarios.
    · Share on FacebookShare on Twitter
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Try pentesterlab.com
    · Share on FacebookShare on Twitter
  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    Try https://ctf365.com/
    · Share on FacebookShare on Twitter
  • towentumtowentum Member Posts: 41 ■■□□□□□□□□
    the ctf365 looks really interesting. I'll load that up this weekend and give it a go.
    · Share on FacebookShare on Twitter
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    CTF365 is interesting. I haven't really gotten anywhere with it but nmap scans and some other things. People really lock down their stuff so that you gotta learn something and how to do it. Some people are understanding and will make their servers a little easier.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    · Share on FacebookShare on Twitter
  • kaizen_404kaizen_404 Member Posts: 16 ■□□□□□□□□□
    towentum wrote: »
    My problem with these is a lot of them don't seem very realistic. Sure, helps me practice and I like it but I'm looking for more real world scenarios.

    Some of the Vulnhub challenges indicate they are reminiscent of OSCP labs. SickOs for example. https://www.vulnhub.com/entry/sickos-11,132/ I found Vulnhub very beneficial before I did the PwK course. Good luck and let me know if you have any questions.
    · Share on FacebookShare on Twitter
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    You might also try downloading OWASP Vulnerable Web Application for more localized testing https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project
    When you go the extra mile, there's no traffic.
    · Share on FacebookShare on Twitter
  • MooseboostMooseboost Member Posts: 778 ■■■■□□□□□□
    cyberguypr wrote: »
    Try pentesterlab.com

    Just curious - Does anyone know if their Pro sub is worth it? $20 / Month.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.