Home Lab Photos: Copyright © Elan Wright / DFIR Diva | All Rights Reserved
These photos may not be used, reproduced, modified, downloaded, uploaded, sold, distributed, or used in any other manner without permission and credit.
One of my favorite things to do in my spare time is play around in my home lab. Aside from being fun (to me anyway), home labs are a great way to get hands-on experience using different hardware and software. To demonstrate what a home lab can be used for, I will talk about what I have personally done in my home lab over the years.
In 2009, I started studying for the A+ certification exam. I put an ad on Freecycle looking for unwanted computers and computer equipment so I could practice repairing them. This was the beginning of my home lab:
After I repaired and built as many computers as I could, I started trying different Linux distros to learn more about Linux.
In 2016, I started taking Cisco CCNA classes at a local community college. They had a hands-on lab at the school, but I wanted to play around with routers and switches at home too. I found some used equipment on eBay and added that to my home lab.
In 2017, while studying for the CySA+ exam, I set up as many tools as I could that were listed on the CySA+ Exam Objectives, and practiced analyzing logs and PCAPs.
In 2018, I started studying for the CCNA Cyber Ops exam. I was curious about Cisco ASA firewalls, so I found a used ASA to add to my home lab along with a step-by-step configuration book (I still need to find the time to set this up). The other book pictured, “101 Labs for the Cisco CCNA Exam,” is great for labbing with routers and switches.
After passing the CCNA Cyber Ops exam, I started studying for the CEH and experimented with Kali Linux in my home lab.
Last year, I did a graduate capstone on improving the security posture of a small business using free tools. I was able to set up my lab to mimic a small business and used AlienVault OSSIM as a SIEM and to conduct vulnerability scans. I also set up GoPhish to conduct phishing simulations.
Now that I am working on enhancing my Digital Forensics and Incident Response skills, this is my current setup.
Yes, I know the slashes on the wall decal are going the wrong way. It’s meant to be a joke (see the reference here)
The six computers below have Windows Server 2016, CentOS, Windows 10, Security Onion, Windows 10 running a Cyborg Hawk live CD, and Mac OS Catalina. I’m using a KVM switch with a mouse and keyboard. The “desk” is an old dining room table that I got for free with a cheap coffee table sitting on top of it. Hey, whatever works, right?
I also have another Windows 10 computer (below) that I use to practice forensics. I have FTK Imager, Autopsy, and Oracle VirtualBox with CSI Linux, AlienVault OSSIM, SANS SIFT, Security Onion, Kali Linux, REMnux, BlackArch Linux, Parrot OS, and FlareVM installed. This computer has 16GB of RAM, an i5 processor, and a 256GB SSD + 1TB HDD. I haven’t had issues running any of the programs on this computer, but I also don’t use everything I have in VirtualBox at the same time. I have hard drives from my old computers to practice with, as well as old/cheap Android phones to start practicing mobile forensics. I got the hard drive adapter pictured below on Amazon.
UPDATE: I added two more monitors (below) since I originally posted this. I put the single TV/Monitor pictured above on a rolling TV Stand and set the two new monitors on the desk.
All seven computers are currently on a VLAN using a managed Trendnet switch.
I also have the tools and gadgets below to play around with. The Raspberry Pi has Kali Linux installed on it.
For some ideas on what to do with a Raspberry Pi in your home lab, check out these videos:
- Hack a Cisco Switch with a Raspberry Pi – CCNA Security – CCNP Security – Network+
- Set Up an Ethical Hacking Kali Linux Kit on the Raspberry Pi 3 B+ [Tutorial]
- How to Setup a Raspberry Pi LEARNING Desktop (Linux, Hacking, Coding)
Last but not least. Books! I may be slightly obsessed with books.
These are some of the books I have that can be used for hands-on learning in a home lab.
For a basic home lab, all that is really needed is a computer running virtual machine software such as Oracle VirtualBox or VMware, and a couple of (or several) VMs. This is a picture of one of my VirtualBox setups.
For more home lab ideas, information, and to ask questions, there is a home lab community on Reddit. They also have a Discord Server.
For videos about home labs, check out:
- What is a Home Lab? How can you build your own and why it’s useful! by I.T. Career Questions
- Basic Security Home Lab – with Charles Judd
- How to Build a CHEAP Cisco CCNA Home Lab by Du’An Lightfoot
- Home Lab Setup | Building an Effective Cybersecurity Learning Environment by Cover 6 Solutions
- DFIR Home Labs by 13Cubed
- Building a Cybersecurity Homelab (Written guide with videos) by Day Cyberwox
- I also have a YouTube Playlist of DFIR Home Lab Videos.
There is also a good Building A DFIR Analysis Fort blog post on DFIR Madness (They have a DFIR Challenge as well)
For a book about building and maintaining a virtual lab, see Building Virtual Machine Labs: A Hands-On Guide by Tony Robinson
To find used/cheap computers and equipment online try:
You can get free evaluation versions of Windows Operating Systems HERE
For mobile forensics, The Binary Hick has Android and iOS images available.
To practice analyzing PCAPs in Wireshark, here are some sources for sample PCAP files:
- https://www.malware-traffic-analysis.net/
- https://wiki.wireshark.org/SampleCaptures
- https://www.netresec.com/index.ashx?page=PcapFiles
For more test images and samples check out AboutDFIR and DFIR Training.
Just downloaded a tool or distro and don’t know where to start?
- YouTube: YouTube has tutorials on just about every tool and distro out there.
- Google: You can often find written step-by-step tutorials or forums where you can ask questions.
- Documentation: Yes, it can be tedious, but read the documentation.
Happy labbing!
This is an excellent website Elan. You are showing what it means to have a solid performance ethic, constant cycle of study-learn-work-produce. Yours is a good example for others to follow.
Great post. Thank you for sharing. This is a good way to set up a lab. Thank you again.
I absolutely love this. This is great inspiration
Excellent
This is great! I rebuilt my lab last year to consolidate a bit. Was able to build a dual 12 core Xeon with 192 GB RAM (overkill, was planning on splitting) for just under 1k with used parts on eBay. Currently rolling a software defined lab that started with Chris Long’s DetectionLab deployment scripts. I’d strongly recommend checking it out!
Excellent
This is very informative 👍
This was a very good article Elan. Very inspirational to me. Amazing detail.
I love it all and am enamored that you have mixed your free time with the passion to tinker and learn. Congrats and keep it up.
Wow Elan, this is excellent! One of the best looking home labs that I have seen. As always, thanks for sharing. I’m a fan!
Great post! It always makes me extra happy to see more and more women in IT! I can relate with “I’m the IT guy”. When I used to do tech support over the phone I would get a lot of “can you transfer me with one of the tech guys”, man or woman, it didn’t matter. I used to get it very often. It’s sad, especially coming from another woman. The thing is that from the team I was the only one that had a bachelor’s degree and more years in IT and at the end they would come to me! At first I would get offended when they said “can you transfer me to IT”, I would respond in a very annoyed voice “this is IT, you called IT”. In fact even walk-ins would prefer a male, but guess what? Same, the “tech guy” would come to me at the end and I would look at the user like “you still ended up with a girl” LOL. I would get challenged as well by the end user because they thought they were male they knew more than me, and these were non-IT guys, but still at the end I would prove my knowledge and they would simply avoid me, maybe out of embarrassment, who knows? All I knew was that I didn’t have to deal with them again! Lol
Again, thank you for your post! And it’s always refreshing to see another female labbing their way up to more knowledge!
Quite interesting lab environment! Keep up the good work!
Can you show how you set up the Trendnet device to work in your environment, please?
I hope you are making a decent living doing what you do. You are very organized and have accomplished a lot.
Thank you for the posting and continued success in your endeavors, what you have shown here is outstanding.
Thank you! I followed the instructions in the Trendnet user guide to get it to work in my environment. It was a pretty quick setup. VLAN setup is specific to which ports are being used for what.
Excellent read and very informative. I am happy to see there are still some in the industry that are dedicated to helping others while documenting experiences that influenced the path you have taken.
Happy to be a coworker Elan keep up the great work!
That’s an amazing setup you have there Elan. Definitely have me rethinking my layout especially with the placement of the books and servers. Thank you so much for sharing. You are an inspiration.
Thank you
I really appreciate the in-depth look at your set up and you speaking about how you got there. What an amazing journey! I love the library you have accumulated as well. Thank you for sharing.
Just wanted to say, THANK YOU! I’m a noob and it is hard to find a space that is so well documented that actually has all I need and more, the work that you are doing by sharing your own work is extremely valuable, and it is important that you know that there are a ton of people that are thankful for your help!
I am currently in a masters program for cybersecurity engineering. I am curious about the Cisco Certified CyberOps Associate CBROPS certification. As I am trying to specifically become a cyber engineer, would it be recommended to obtain this certification instead of CCNA?
If so, would it be beneficial to set up a conventional CCNA/CCNP home lab with routers, switches, and so on? Also, which books would you recommend for this route?
Hello. I don’t really know about the cyber engineer role or what’s required for that, but the Cyber Ops certification is geared toward SOC Analysts/Incident Response.
WOW! Loving your Home Lab. I actually just started mine this year. I’m going to document my progress and maybe someday I’ll be able to help others just as you. Very informative and inspirational.
Definitely recommending your site to anyone who is entering not only into Digital Forensics but just plain IT. Great place to start and I love the how-to on home lab set up. Have not seen anywhere else the amount of detailed information all together in one place. Thanks for your dedication to the field and newbies.
This has to be one of the most impactful exhibits of commitment to everything computing that I have read in a long while. Thanks for sharing your life’s work with us.
This is solid. Your progression in IT from A+ to Digital Forensics is a great source of inspiration for anyone with the desire and will to develop and master key information technology skills. Thanks for sharing.
keep it up.
God willing and God speed
DFIR DIVA, love your website, super informative! Thanks for sharing your lab evolution! LOVE IT!!! I wish I would have found your page sooner, would have helped me a great deal as I finish up my MS in DF. Is there a free, open source tool you would recommend to extract iPhone SE data? My school’s forensic virtual machine is just not working right and trying to extract iPhone data on a VM using Cellebrite UFED and Axiom is just not working. I don’t have access to paid tools at home, so am looking for another solution. Thanks for all you do!
Hello, my apologies for the late response. I haven’t personally done any iPhone forensics yet, but a great place to ask is the Digital Forensics Discord server. It is a great community and they have mobile forensics channels. https://aboutdfir.com/a-beginners-guide-to-the-digital-forensics-discord-server/