You Give HR A Bad PDF

Description

Established a home lab environment utilizing VMware to simulate an attack scenario between Windows and Kali Linux VMs. This setup shows scripts usage within Metasploit and real-time event monitoring through Sysmon and Splunk.

Prerequisites

VMware Workstation Pro Setup

VMware Workstation Pro is a type 2 hypervisor which serves to isolate and create a dedicated communication channel between the lab environments. The installation is as follows:

Download VMware Workstation Pro, that is hosted at: https://www.vmware.com/products/desktop-hypervisor/workstation-and-fusion.
Verify the executable’s integrity through the File Checksums. In this case, the SHA-256 and MD5 checksums are found at the installer page.
Open a PowerShell terminal within the same download’s location and execute:
```
 Get-FileHash <file-name>
```
Therefore, the hash can be matched with the provided list.
Proceed with the installation of VMware Workstation Pro by accepting the End-User License Agreement.
There is a compatible setup, referring to Hyper-V or Device/Credential Guard being enabled.

Hence, the virtual machines will be launched using the Windows Hypervisor Platform (WHP).
After setting the installation folder, tick the box Check for product updates on startup, to always ensure an up-to-date app version and mitigate risks like VM Escape.

Also, joining the VMware Customer Experience Improvement Program is optional.
Finally, choose whether to create the shortcuts, then click Install. The VMware Workstation Pro interface should look like this:

Windows Setup

Windows 11 is the most recent Operating System developed by Microsoft. This is the host machine which will be targeted by Kali Linux.

Download the Windows Installation Media found at: https://www.microsoft.com/en-us/software-download/windows11.
During the install process, at the Choose which media to use section, select ISO file.
In VMware, click on Create a New Virtual Machine, then the Typical configuration and load the Windows.iso image.
At the Encryption Information section, choose to encrypt all the files and set a password that you store in a safe place, such a password manager, in the host machine.

Also, select Store virtual disk as a single file in the Specify Disk Capacity section.

Note: By default, the 64 GB of storage is not pre-allocated.
The summary will show the recommended hardware settings, except for one which must be configured manually, then click on Customize Hardware...

The network adapter is set as NAT to share the host’s internet connection, and so it will eventually require a Windows Account. Therefore, select Host-only, which will be helpful to bypass the remaining setup.
Finish the machine creation and click on Power on this virtual machine.
During the configuration process, make sure to select I don't have a product key.

In addition, select Windows 11 Pro, because of the RDP feature explained here: https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-supported-config.
During the setup, it will ask to connect to a network. To bypass this step, do Shift+F10 to open the CMD and execute the following command:
```
 oobe\bypassnro
```
It will restart the machine and enable the I don't have internet option, select it and finish the setup.
After the Windows setup, ensure a smoother virtualization experience by going to the VM tab and select Install VMware Tools.

It will load the drive and ask to execute the Run setup64.exe, click on it and follow the default options.
To have internet in the VM, go to the left bar, right click on the machine name and select Settings...

And, in the Network Adapter section choose NAT to ensure the VM is not alongside the host network, but has its own through the host IP.
Finally, for future recovery of the fresh install, go to the VM tab, then click on Snapshot and Take Snapshot...

Assign a name like “Fresh Install” and click Take Snapshot