Vulnerable VM's similar to OSCP Labs?

towentumtowentum Member Posts: 41 ■■□□□□□□□□
Does anyone know of any Vulnerable VM's similar to the OSCP lab machines? I'm looking to get some practice in before I **** money on the lab time and exam. I know I can get 90 days of lab time, but I'm not exactly comfortable enough yet to pay that kind of money.

Comments

  • iBrokeITiBrokeIT GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIH, GSEC, CySA+, Sec+, eJPT Member Posts: 1,289 ■■■■■■■■■□
    https://www.vulnhub.com/

    You're welcome icon_cool.gif
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA | eCPPT | eWPT | eCTHP

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security
  • towentumtowentum Member Posts: 41 ■■□□□□□□□□
    My problem with these is a lot of them don't seem very realistic. Sure, helps me practice and I like it but I'm looking for more real world scenarios.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,882 Mod
    Try pentesterlab.com
  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
  • towentumtowentum Member Posts: 41 ■■□□□□□□□□
    the ctf365 looks really interesting. I'll load that up this weekend and give it a go.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    CTF365 is interesting. I haven't really gotten anywhere with it but nmap scans and some other things. People really lock down their stuff so that you gotta learn something and how to do it. Some people are understanding and will make their servers a little easier.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • kaizen_404kaizen_404 Member Posts: 16 ■□□□□□□□□□
    towentum wrote: »
    My problem with these is a lot of them don't seem very realistic. Sure, helps me practice and I like it but I'm looking for more real world scenarios.

    Some of the Vulnhub challenges indicate they are reminiscent of OSCP labs. SickOs for example. https://www.vulnhub.com/entry/sickos-11,132/ I found Vulnhub very beneficial before I did the PwK course. Good luck and let me know if you have any questions.
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    You might also try downloading OWASP Vulnerable Web Application for more localized testing https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project
    When you go the extra mile, there's no traffic.
  • MooseboostMooseboost Senior Member Member Posts: 775 ■■■■□□□□□□
    cyberguypr wrote: »
    Try pentesterlab.com

    Just curious - Does anyone know if their Pro sub is worth it? $20 / Month.
    2020 Certification Goals: OSCE GXPN
    Blog: https://hackfox.net
Sign In or Register to comment.