Develop security scripts to create vulnerable virtual machines and learn penetration testing techniques
The article demonstrates the concept of building a laboratory for penetration testing using a special pro-gram. The program is a set of scripts that configure the system in accordance with a user-defined script. Thanks to the elements of script randomization, this solution allows you to deploy several educational tasks at once to a group of students using only one virtual machine image. The basic idea is that the set-up and creation of a vulnerable target occurs just before the execution of the learning task itself. Those, the virtual machine is initially a basic Ubuntu Linux image that does not have any set of vulnerabilities. The main feature of the proposed solution is that the content of the scripts describes not one variant of the system configuration, but several at once, forming scripts with elements of randomization. In other words, having a basic Ubuntu Linux image and a set of the scripts, you can create different tasks for a dozen students.