Virtual Hacking Labs (VHL) Review
Disclaimer: This is not a promotion / advertisement. I am not gaining anything by reviewing VHL. I am not promoting this website in any way nor I have any affiliation with it. I am just really happy I found it because it has really helped me prepare for my OSCP exam. I just want to give you my honest opinion and share my experience in order to help you decide whether VHL is what you are looking for. This is the reason why I wrote this article as the main purpose of my blog is to share experiences, techniques, tutorials and material I find interesting and are related to InfoSec or CTFs.
VHL is a full penetration testing lab that is designed to make you learn the practical side of vulnerability assessments and penetration testing in a safe environment. They provide an online lab environment where beginners can make their first step into penetration testing and more experienced professionals can sharpen their pentesting skills. The online hacking labs contain real-world scenarios with systems and devices that can be found on most company networks. You will find vulnerable Windows, Linux and Android hosts, webservers, mail servers, firewalls, web applications and many more systems, services and applications. Every system in the labs is uniquely configured to contribute to a specific learning experience that involves one or more attack vectors.
Just like HTB, VHL offers a collection of targets for you to exploit with a reset panel that you can reset your boxes if you mess up with something.
You need to use a VPN in order to connect to the private network of the vulnerable hosts and it is dead simple.
VHL did a great job here as they offer very clear instructions on how to do that and they even offer a ready-to-go Kali image preconfigured with the VPN.
The best thing about VHL that makes it stand out from other platforms is that it is not just about proving your skills. It is focused on getting you started besides your previous experience and make you start learning the correct way right away. And that is because it is supported by one of the most well written notes I have ever got in my hands.
Seriously I am talking about a 350+ page downloadable .PDF that covers everything you need to know in order to start solving machines and learn new staff about almost everything you will face as a Junior Penetration tester.
Check the chapters here:
Even though VHL provides certificates of completion remember that it’s not only about proving your skills, it’s not only about professionals, it’s heavily focused on training and that is why I highly recommend it. Tons of HQ material and easy guidance. Although I don’t consider the subscription cheap, it is pretty affordable and definitely worth every single penny.
Also I would highly recommend make an account on https://pentest.ws/
PenTest.WS is a penetration testing web application for organizing hosts, services, vulnerabilities and credentials during a penetration test. This service helped me alot while solving VHL machines so that I can keep everything organized, connect the dots and save a lot of time.
Check out my review here:
The online lab consists of 40+ custom vulnerable by design machines ready to be exploited. In the labs you will learn how to compromise Linux and Windows hosts, webservers, mail servers, development tools and many more systems, services and protocols. You will also encounter network devices such as firewalls, routers and NAS systems that are commonly used in both personal and enterprise settings. Every system is configured to contribute to a specific learning experience using one or more attack vectors. The labs up-to-date with new machines and recently discovered vulnerabilities with high impact.
The boxes are super realistic and do not have CTF elements. That is a super important thing in my option because although playing CTF is fun it is not always the recommended way to learn.
I mean you will never face a web server in a real life engagement that has a password stored in an image that unlocks an encrypted rar file that contains an mp3 that when you analyze the spectrogram you will find the root password.
Most of the boxes are user->CVE, root->kernelexploit and do not require custom exploitation or exploit development.
Targets are categorized in three levels of difficulty (Beginner, Advanced, Advanced+).
While solving different targets I realized that this way of categorizing the machines is not really accurate. Many “Advanced” boxes were easier that “Beginner” and the opposite.
I think a user based ranking on scale 1-10 would be much more accurate (just like HTB).
Also I would like to face boxes that need tunneling & pivoting other than standalone machines. This is a concept you can’t practice easily because there are limited resources out there but is crucial.
Just keep in mind this:
Beginner level machines: You are LEARNING new skills
Advanced level machines: You are PRACTICING your skills
Advanced+ level machines: You are PROOVING your skills
Check out the LABS here:
If you get root/administrator access on at least 20 lab machines (Beginner or Advanced) and provide documentary proof of that achievement, you can apply for the VHL Certificate of Completion. If you manage root/administrator access on at least 10 Advanced+ machines (and exploiting at least two vulnerabilities without using any automated tools or publicly available scripts), then you are entitled to apply for the VHL Advanced+ Certificate of Completion. Certificates of Completion come in the form of a personalized PDF and sent by email.
A few study Tips
1. Take your time!
Don’t panic. Take your time. Study the material and don’t forget that you are there to learn! If you are out of lab time just buy an extension. Learning takes time so I recommend you to buy the 3-month lab ticket. I bought the 1-month and I regret it.
2. Aim for a certificate.
Set a goal. It keeps you motivated and you try harder.
3. Document everything
Even if you are not going for a certificate creating a proper report is a crucial skill in a penetration testers’ pocket. OSCP is heavily focused on providing a decent report. Failing to provide the report results in failing the whole exam. So as you practice your privilage escalation skills you should also practice your reporting skills and this is a great opportunity.
4. Backup your notes
If you are using Kali linux you are probably going to use CherryTree for your notes. I had some bad experiences with CherryTree in the past. Don’t forget to always backup your notes.
5. Check your study material regularly
Don’t forget that VHL is about learning and practicing. Most of the boxes can be solved if you carefully read the related study material.
6. Join the Discord server!
If you want to network with like-minded people, I recommend joining the Discord server. You also can get hints for machines that you are stuck with. They are very helpful and it’s a great community. But please, don’t ask for solutions and don’t post solutions/spoilers!
Discord Server Link: https://discord.gg/bQfGnVQ
7. Use your own Kali VM!
Use your own Kali VM! You will get outdated virtual machines with a Forticlient SSL VPN client. There is nothing wrong with them, they are perfectly fine and you can easily following through the material and get the same output. However, I suggest using your own fully updated VM which might prevent some problems and as for the VPN client, you can easily install it using the APT package manager.
8. Use Sparta
Oh boy I love Sparta. Enumeration is crucial for a successful engagement. Try using Sparta.
SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent setting up commands and tools, more time can be spent focusing on analysing results.
To conclude I would definitely recommend VHL especially if you are preparing for OSCP. And even if you are not, VHL is a great lab for pentesters and I am really glad I found it.
You should give it a try without hesitation. I loved the whole experience. It was a great adventure including the struggles that made me learn tons of new stuff and boost my confidence for OSCP.
You can view more reviews here: