top of page

Virtual Router Pentest Lab

A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities.

Pen testing can involve the attempted breaching of any number of application systems to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.

A wide variety of security assessment tools are available to assist with penetration testing, including free-of-charge, free software, and commercial software.

Software frameworks:

⤿ BackBox;

⤿ Hping;

⤿ Metasploit Project;

⤿ Nessus;

⤿ Nmap;



⤿ w3af, ...

Penetration testing phases

The process of penetration testing may be simplified into the following five phases:

⤿ Reconnaissance: The act of gathering important information on a target system. This information can be used to better attack the target. For example, open source search engines can be used to find data that can be used in a social engineering attack.

⤿ Scanning: Uses technical tools to further the attacker's knowledge of the system. For example, Nmap can be used to scan for open ports.

⤿ Gaining access: Using the data gathered in the reconnaissance and scanning phases, the attacker can use a payload to exploit the targeted system. For example, Metasploit can be used to automate attacks on known vulnerabilities.

⤿ Maintaining access: Maintaining access requires taking the steps involved in being able to be persistently within the target environment in order to gather as much data as possible.

⤿ Covering tracks: The attacker must clear any trace of compromising the victim system, any type of data gathered, log events, in order to remain anonymous.

Once an attacker has exploited one vulnerability they may gain access to other machines so the process repeats i.e. they look for new vulnerabilities and attempt to exploit them. This process is referred to as pivoting.


VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality. Its configuration syntax and command-line interface are loosely derived from Juniper JUNOS as modeled by the XORP project.

This is an open source routing operating system and is the successor to Vyatta. VyOS is considered an enterprise solution and while it is freely available, there are some limitations as VyOS does offer support contracts to it’s customers and paying customers have access more features.

Download Vyos iso image here

Credentials: vyos / vyos

You can developing an advanced pentesting lab using VMware, Metasploitable3, Kali, and VyOS.

Now roll up our sleeves and get busy building your network!


50 views0 comments

Recent Posts

See All

Universal Serial Bus flash drives, commonly known as USB flash drives are the most common storage devices which can be found as evidence in Digital Forensics Investigations. Digital forensic investiga

These days I brought some IP cameras home and unfortunately I don't have an NVR to manage. Searching the internet I found c-mor & ZeroMinder's solution - very cool and I would like to share it with yo

These days I was looking for more details about load balancers and found some great tools I need to share with all of you - it´s a free load balancer!! Go to

bottom of page