📄️ Getting Started
For last two years, I've been teaching introductory and advanced Ethical Hacking. An issue that I wanted to resolve was the issue of targets without context. Pulling down a vulnerable virtual machine from vulnhub or participating in a hackthebox challenge is all well and good if you want to serially go after unrelated vulnerabilities.
📄️ Architecture
The ETHHACK course will contain components of a default course as deployed by RangeControl, The Gateway Configuration will change depending on your resources. The architecture shown below assumes a monolithic deployment on one highly provisioned hypervisor. If you need to support a huge number of clients, you would likely introduce a new virtual router gateway that supports targets running on another server. You would connect these two gateways via IPSEC or another site-to-site VPN like wireguard so that attack traffic does not appear in the "clear" over your production network.
📄️ Building the Course
The following RangeControl configurations were used
📄️ Building a target
Target Base VMs
📄️ Access Control
Folder Structure for Targets