September 23, 2021

Security solutions in home lab recommendations?

So I’ve got an Active Directory home lab, where I’ve been working on AD attacks and AV bypasses. It’s fun but I want to up the challenge / understand the opsec of my attacks. Do you guys have any recommendations for

1. Host AV that is better than Bitdefender / Windows Defender?
2. Open source or cheap SIEM that I can set up in VirtualBox to monitor machines easily?
3. EDRs for home labs?? I know EDR companies don’t like giving out software for people to test against so I might just have to skip this.
4. IDS/IPS solutions I can add to these networks or at least in between them? (Currently using pfSense firewalls to route between subnets / AD forests and domains.)
5. If possible to practice phishing (Idk if I can do Exchange Server in VirtualBox in a reliable way), any common extra mail security companies use?

Hardware specs are a 5950X 32-thread CPU and 64GB of RAM so I’m hoping I can have the monitoring, Kali, and at least 3-4 Windows machines to attack. I’ve done some googling but haven’t found anything super useful on what would be best to have an overall strong homelab to practice and kinda play blue team vs myself.

Comments

bitslammer

Suricata on pfSense is what I run at home. Really like it.
