Be sure to scroll down and view the whole post as there is both audio and video coverage of today's episode!

Today's episode is part 1 of a series all about setting up a virtual pentesting lab for about 500 bucks. We're kicking off the series with a segment on selecting hardware, getting ESXi installed to a USB drive and then getting all the components hooked up and powered on.

Grocery list:

The config I went with was inspired by this post, and to keep the rig in the ~$500 sweet spot, here's my grocery list:

Hooking everything up:

Getting the hardware installed is pretty simple - you just need a Phillips screwdriver and that's about it! 4 screws on the bottom of the case zip open and then all the parts are plug-n-play/pray:

Create ESXi boot media:

I'm on a Mac, so I followed these instructions which I borrowed heavily from this GitHub project. Be very careful when formatting and imaging disks as you don't want to nuke the wrong drive!

Login to ESX console and enable SSH:

In the video version (below) I show how to turn SSH on for management, but all you really need to do is hit F2 from the console, go under Troubleshooting Options and choose Enable SSH.

Lets rock!

At this point you should be ready for part 2 (continuing next week) to get your NUC network and storage config'd so you can start lighting up some pentest VMs!


Here's the complementary video content for today's audio podcast:

7 Minute Security #224: DIY Virtual Pentesting Lab - Part 1 from Brian J on Vimeo.