O'Reilly logo
live online training icon Live Online training

Build Your Own Cybersecurity Lab and Cyber Range

Practice and Enhance Ethical Hacking and Defensive Security Skills

Topic: Security
Omar Santos

Numerous cybersecurity and penetration testing tools and techniques have the potential to damage or destroy the target system or the underlying network. In addition, if malware is used in testing, there is the potential for infection and spread if testing in an Internet-connected testbed. This class will teach how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem.

You will learn what you need to create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems. You will learn how you can leverage tools like Virtual Box, VMWare Workstation/Fusion, ESXi, Proxmox, or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks. Vagrant files and Ansible playbooks will be shared during the class for you to build complex lab environments within minutes. You will also learn how to create environments in cloud services such as AWS, Azure, Google Cloud, and Digital Ocean.

This course is designed for anyone preparing for a certification like Certified Ethical Hacker (CEH), CompTIA PenTest+, CEH Practical, Offensive Security Certified Professional (OSCP), Cisco CCIE Security, CCNP Security. It is also designed to help those just learning how to perform penetration testing (ethical hacking), exploit development, or reverse engineer malware.

This live and interactive training is designed to help you get started building different lab environments to practice cybersecurity skills. This training is important for any individuals preparing for cybersecurity certifications or that are just passionate about learning new hands-on skills.

What you'll learn-and how you can apply it

  • Tips on how to build a virtualized environment
  • Cybersecurity tools that are essential for many certifications in the industry
  • Getting started with vulnerable targets and malware analysis
  • Docker containers that include intentionally vulnerable applications along with several labs that you can complete in your own time
  • Automated tools to instantiate new offensive and defensive cybersecurity lab environments
  • Tips on how to build your lab in a cloud environment
  • Tips on how to segment your network and use sandboxes to analyze malware

This training course is for you because...

  • You are interested in cybersecurity
  • You are preparing for the cybersecurity certifications
  • You want to learn about the different ways that you can practice your skills in a safe environment
  • You want to learn different tips on how to create multiple


  • Course participants should have a basic understanding of computing and networking.

Course Set-up:

  • Supplemental information and additional material for this course can be accessed at: https://h4cker.org/labs

Recommended Preparation:

Recommended Follow-up:

About your instructor

  • Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives. He is the lead of the DEF CON Red Team Village; the chair of the Common Security Advisory Framework (CSAF) technical committee; the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group; and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.

    Omar is the author of over twenty books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io and you can follow Omar on Twitter @santosomar.


The timeframes are only estimates and may vary according to how the class is progressing

  • Creating a virtual networking lab with Virtual Box, VMWare Workstation/Fusion, ESXi, or Proxmox (40 minutes)
  • Using Linux Kernel modules to build a wireless hacking lab without the need of physical adapters (10 minutes)
  • Break (10 minutes)
  • Building your lab in cloud environments (AWS, Azure, Google Cloud, and Digital Ocean) (20 minutes)
  • Automating lab deployment with Vagrant and Ansible (20 minutes)
  • Creating sandboxes for malware analysis (20 minutes)
  • Break (10 minutes)
  • Introduction to Cyber Ranges (10 minutes)
  • Using Docker to practice your offensive and defensive security skills (40 minutes)
  • Break (10 minutes)
  • Lab scenarios for ethical hacking certifications such as CEH practical, PenTest+, OSCP, and others (30 minutes)
  • Lab scenarios for network security certifications such as CCIE Security and CCNP Security (20 minutes)