Homelab Environment v.2025
Some ramble, some homelab updates.
Pre-ramble
I have been working on a lot of things all over the place.
Some of it is setting up a fully automated environment that can be shared with my coworkers. Currently I am not sure how much I can share on that, but I want to do a write-up on it.
Working on classes with WGU - progress has slowed down due to certifications, but progress is being made!
Attended multiple courses virtually; one in particular I really enjoyed was the SOC Level 1 Live Training with TCM Security [TCM Security, Inc.], and I really think they are at the top with Antisyphon [Home - Antisyphon Training] in offering the best online training I have attended thus far. I would highly recommend you try both out and see which one you enjoy more.
TCM Security is also offering live training, and I am attending both of these virtually. Super excited for these.
- Master Active Directory Security: Defend Your Network Against Advanced Attacks
- What is the Practical Network Penetration Tester (PNPT) Accelerated Camp?
My (flexible) goal(s) for 2025 would be to pass at least 1 of the TCM Security certifications. So far I feel somewhat prepared for the Practical SOC Analyst Associate (PSAA) certification and might attempt it soon(tm), and a stretch goal is to try to pass the Microsoft Cloud Red Team Professional (MCRTP) by PwnedLabs - I attended their bootcamp and that was incredibly fun and educational, highly recommend them!
Ongoing learning, with the various providers I currently use:
- Hack the Box - Hack The Box: The #1 Cybersecurity Performance Center
- TCM Academy (including planning on taking their certifications, PNPT, PJPT, PSAA, PCRP) - TCM Security, Inc.
- LetsDefend - LetsDefend - Blue Team Training
- MetaCTF Cyber Range - Antisyphon Training
- Pwned Labs - The ultimate cybersecurity training ground
- The full catalog from Antisyphon Training (+40 courses) - Course Catalog - Antisyphon Training
Project - Homelab environment
What I haven’t had the time for (or, more accurately, started and forgotten) is setting up a proper home lab environment.
That is something I wanted to touch on today. In this post I want to take a step-by-step approach to setting up an environment that I will use for my lab.
We will be using:
- Hyper-V - feel free to use whatever hypervisor or service you are comfortable with if you want to replicate this, such as VirtualBox or VMware, or even Azure, AWS and GCP.
- 1 Windows Server 2025 acting as the Domain Controller and CA. Might actually expand this to 2-3 servers depending on the workload.
- 3 Clients - very likely all will be Windows 11. I might throw in a Windows 10 for good measure. I might even expand this further.
- 1 Ubuntu server - likely to be used for general usage or a webserver.
- 1 SQL Server for various purposes.
- [Optional] Email server - I haven’t decided if I want to set up an Exchange server or not just yet.
- SIEM - Likely to be Wazuh as it’s open source and free, maybe Splunk and Microsoft Sentinel for the migration experience.
- Kali 2024.4 with KaliTweaks installed for our attack scenario, including Metasploit.
- Security Onion - Security Onion is like a Swiss Army knife for network security. It’s a free and open-source platform that helps organizations monitor and protect their networks from cyber threats.
- GHOSTS for creating NPCs in my lab environment. [GHOSTS Client Overview - GHOSTS Documentation] - kudos to my colleague who mentioned this one.
- Atomic Red Team [https://github.com/redcanaryco/atomic-red-team] for emulating attacks alongside my own testing.
- EvilGinx2 - in the process of all this, I also wanted to finish the course I’ve slowly been working through, EvilGinx Mastery for phishing emulation.
- [Optional] Hak5 BashBunny + Cloud C2 - I got myself a BashBunny for Christmas, and included the community version of the Hak5 Cloud C2 to see what I could achieve and learn from it.
- [Optional] Learn by Doing - Python3 Command and Control How To Guide - By Joe Halle
Ideally I would have this environment also onboarded in a Microsoft 365 environment, but that is for later stages, as I would love to see how Microsoft XDR tackles everything, for example with Automatic Attack Disruption and playbooks with Sentinel.
Okay that’s a lot! I’m sure I’m missing something but for now, this will have to do. There are definitely other things I want to add, but I want to have this as an ongoing project for myself. So let’s get down to business and get started on some of the basic stuff.
Preparation - Downloading the ISOs
Start with downloading your evaluation copy of your Windows Server version. In our case we are using Windows Server 2025. [Windows Server 2025 Evaluation Center]
You can also grab your preferred SQL and Windows evaluation copies from here, as well as 3-month trial(s) for:
- Defender for Identity - upcoming blog post on how to install and configure this.
- Microsoft Intune Suite - I have some ideas for a blog post on this too.
- Microsoft Intune and Microsoft Configuration Manager Evaluation Lab Kit - great starting point if you want to learn Intune.
- Microsoft Configuration Manager (Current Branch) - In case you want to run SCCM in your environment, something I’ve been considering as well.
You also want to download the ISO for your desired Linux distribution; in our case we will use Ubuntu.
- Ubuntu download - Get Ubuntu
Kali Linux is our preferred ‘attacker OS’ and there are multiple distributions out there so it’s really up to you what you like.
- Kali Linux Download - Kali Linux
- Kali Tweaks - kali-tweaks
- Kali in Hyper-V - Installing Hyper-V Enhanced Session Mode (Guest Tools)
- Security Onion Download - Security Onion Solutions
Hardware
The hardware in my homelab environment(s) consists of the following (pictures to follow when I clean up the rack and 3D print some mounts):
1x MINISFORUM MS-01
- Intel Core i5-12600H
- 96GB RAM DDR5 5600MHz
- 1x 256GB Samsung 960 Pro
- 1x Corsair MP600 PRO LPX 4TB
1x MINISFORUM MS-01
- Intel Core i5-12900H 2.5GHz
- 96GB RAM DDR5 5600MHz
- 1x 512GB Kingston Drive.
- 1x 1TB Kingston Drive.
1x Intel NUC 13 Pro (Asus NUC) - This one is mainly for Azure ARC Jumpstart and utilizing it for work. - Azure Arc Jumpstart
- Intel Core i5-1340P with 12 cores and 16 threads
- 64GB DDR4
- 1x 1TB WD Digital SSD
2x Apple 2023 Mac Mini - for Intune macOS Testing
- Apple M2 Chip 8-Core CPU
- 8GB Unified Memory
- 256 GB SSD.
2x Raspberry Pi - Because why not!
- Raspberry Pi 5 8GB
I am definitely missing some NUC that is of a random brand (Beelink I think is one of them) that will be used for Microsoft Autopilot. Will update the post later with the details on these.
Network
1x GL.iNet GL-MT3000
- Wi-Fi router for when I try to learn more about Wi-Fi hacking, and generally using it for my lab environment.
1x Ubiquiti Pro Max 16
- To run my lab equipment on as well as my work and school, separated by VLANs.
- This is mainly because my whole home network runs on Ubiquiti.
2x Flex Mini 2.5G
- Ideally I wanted 10GB Network for my whole network, but currently that is not possible and not all devices support this, so I have the Flex Minis as backup for when I rewire my rack and can incorporate these to enable 2.5GB Network between my lab devices.
Okay that’s all for now!
Let’s get started with downloading all the files and ISOs and then in the next post, we’ll start configuring and installing everything.
Boy do I really need to learn markdown formatting.