ℹ️
This page is part of a larger series on building a cybersecurity lab using VirtualBox. Click here to be taken back to the project home page.
Previous Step
Why this Post?
This post was added to guide much later after the original publication, because as of this writing, Vulnhub is more or less out of commission. Since OffSec acquired Vulnhub, they have been steering people over to their OffSec Proving Grounds platform, but you still have access to past-published Vulnhub VMs.
Using HackMyVM Responsibly
The VMs you find on HackMyVM are developed by the community, and we thank them for their efforts, but your network and the security of said network are paramount.
❗
Always put untrusted hosts on a secure, segmented network behind your pfSense firewall, preferably your ISOLATED network.
VirtualBox and HackMyVM Boxes
ℹ️
The process with HackMyVM boxes and Vulnhub VMs is nearly identical with respect to VirtualBox. So, I'll be condensing the information here and referring you back to the Vulnhub step for more clarification, so that I don't need to repeat myself.
Importing a HackMyVM Box
Two Ways to Use HackMyVM
- Anonymously — you can use the platform without creating an account, but you need to use the RSS feed to see the full list of VMs
- Registered — you can register for an account on the platform and have access to more features, either way the platform costs nothing
Example Import Process
Download Source: https://downloads.hackmyvm.eu/atom.zip
🛑
Do not start the VM as we need to make a few modifications
✅
Import successful! Take a snapshot of your VM in its current state before starting the pentest and roll back in case of issues. Power up your VM and then, go and do your
nmap
scans and have fun!