September 10, 2023
Building My First Home Lab for Cybersecurity
How I set up a home lab on a budget for hands-on cybersecurity practice and why you should too.
home-labcybersecurityhands-ontools
Reading about cybersecurity is one thing. Doing it is another. A home lab bridges that gap. It’s where theory becomes muscle memory, and where you can break things without consequences.
My Setup
I started simple — no expensive hardware required:
- Host machine: My regular laptop running macOS
- VirtualBox: Free hypervisor for running VMs
- Kali Linux VM: My offensive security toolkit
- Metasploitable 2: An intentionally vulnerable VM to practice against
- Ubuntu Server: For learning Linux administration and setting up services
Total cost: $0 (if you already have a computer).
What I Practice
- Port scanning with Nmap against my vulnerable VMs
- Web app testing using DVWA (Damn Vulnerable Web Application)
- Packet analysis with Wireshark, capturing traffic between VMs
- Privilege escalation exercises on intentionally misconfigured systems
- Writing Python scripts to automate repetitive tasks
Lessons Learned
- Start small — You don’t need a rack server. A laptop with 16GB RAM runs three VMs comfortably.
- Snapshot everything — VirtualBox snapshots let you break things and restore in seconds.
- Document as you go — I keep notes in Obsidian for every exercise. Future me always thanks past me.
- Isolate your lab — Use host-only networking so your practice traffic never touches your real network.
If you’re studying for any security certification, a home lab isn’t optional — it’s essential. The exam might test your knowledge, but employers test your skills.