To excel at penetration testing, you need to have your lab for practise/research. I would suggest one to use virtual machines which are free in the market. I would go with VMware Workstation rather than Virtual box, it’s just my personal option. You can choose any one.
1. VMware Workstation
Click here to download VMware Workstation
2. Kali Linux iso
Click here to download Kali Linux Iso
Click here to download bee-box
Why we need Bee-Box
For web application penetration testing we often need a vulnerable application to exploit. We cannot exploit on our operating system instead we need a dummy server. So this bee-box comes in handy and it is a custom Linux VMware virtual machine pre-installed with bWAPP. Bee-box gives you several ways to hack and deface the bWAPP website. This helps security enthusiasts to discover and prevent the issues.There are quite many features in this virtual machine which you will see it once it’s been installed.
- First you need to install VMware in your system. It’s quite easy to install VMware by clicking on ‘Next‘ buttons with default selected options.
Now it’s time to install Kali Linux OS in your workstation. Just follow the steps mentioned in the article ‘set up Kali Linux‘
Extract bee-box now. You should see a file ‘bee-box’ with (.vmx extension) as shown below. Just double click on it.
You should see your Vmware setting up your server. Isn’t it simple?
By the way Default user and password: ‘bee‘ and ‘bug‘. And now you should see a screen just like below
Okay now click on the terminal icon and type ‘ifconfig‘ command to get your server address.
That’s it your lab with vulnerable application is now ready to hack. We will learn how to find vulnerabilities in the application in next few posts. Cheerzzz..!