Lab Environment & Tools¶
Warning
All work for this lab will be performed exclusively from the Linux Jumphost/Client (client01). The client is accessed via RDP (Windows Remote Desktop) or ssh. No installation or interaction with your local system is required.
All pre-built environments implement the Lab Topology shown below. Please review the topology first, then find the section matching the lab environment you are using for connection instructions.
Components and Tools¶
Linux Client (Client01):
- Web Attack Tools:
- Burp Suite Community Edition - HTTP Request Manipulation
- iMacros - Web Scraping
- ab (Apache Bench) - HTTP Load Testing
Kali Client (Kali-BaDOS):
- ab (Apache Bench) - HTTP Load Testing
Linux Server (Server01):
- WebGoat 8 - deliberately insecure application
LAMP Server (LAMPv4):
- Hackazon - deliberately insecure application
BIG-IP (bigip01):
- Local Traffic Manager
- Application Security Manager / Advanced WAF
Lab Topology¶
#####Need topology description#####
The following table lists VLANS, IP Addresses and Credentials for all components:
Component | mgmtnet IP | clientnet IP | servernet IP | Credentials |
---|---|---|---|---|
Linux Client (client01) | 10.1.1.51 | 10.1.10.51 | N/A | https-f5student:f5DEMOs4u! |
Bigip (bigip01) | 10.1.1.245 | 10.1.10.245 | 10.1.20.245 | https - admin:password ssh - f5student:f5DEMOs4u! |
Linux Server (server01) | 10.1.1.252 | N/A | 10.1.20.252 | ssh - f5student:f5DEMOs4u! |
Kali (Kali-BaDOS) | 10.1.1.245 | 10.1.10.100 / 10.1.10.200 | N/A | ssh - f5student:password |
Linux Server (LAMPv4) | 10.1.1.250 | N/A | 10.1.20.250 | N/A |
A graphical representation of the lab:
Note
External links are not required reading for the lab, rather supplemental if you you would like to get a different take or additional info.