What I’m Using, Why and Alternatives

A question that gets asked frequently (a frequently asked question?) when it comes to being a pentester and ethical hacker is “What’s your setup like?” or words to that effect. So here I’ll go through my pentester setup, what I’m using and why.

The Soft Stuff: VMWare Fusion

I prefer to run all my pentest OS’s as virtual machines. I use VMWare extensively, with Fusion on the MacOS, Workstation Pro on Windows 10 and ESXi on the Dell lab server (this is my more involved pentester lab).

Specifically I use Kali Linux (should come as no great shock or surprise) as the main pentesting VM, a Windows 10 VM, a Buscador OSINT VM, and a Debian VM. Each has a role to play which I will briefly run through:

Kali Linux

This is the main pentest OS from where the dark art of pentesting takes place. Once the OSCP is done I will be spending some time playing about with BlackArch and ParrotOS.

Windows 10

Mainly used for Immunity Debugger and times where a Windows footprint works better.

Debian

Used for Linux based exploit work with EDB and general Linux work

Buscador

This used to be a great OSINT and recon VM. This is no longer being maintained and the advice is to build one using the techniques described in the OSINT Techniques (7th edition) book.

There are alternatives to the VMWare offerings which are worth mentioning:

– VirtualBox by Oracle

– Hyper-V by Microsoft

– KVM on Linux

Full disclosure; I haven’t personally used KVM and can’t comment on how well Kali Linux or any of the other VMs run on it.

The Hardware: Macbook Pro 15″

This has served me well for a number of years now, not just in cyber security but more widely. I use it for everything from photo editing, blogging, coding and yes, pentesting.

Those of you who use Apple gear know about the build quality and support already. For the uninitiated, the build quality is great and the support gets the job done.

That being said, a MacBook Pro is not cheap nor is it necessarily a requirement. The key thing to remember here is that you should be able to execute your craft from any device regardless of brand or build quality. Whilst it’s nice to be working from a shiny Apple MacBook Pro there are several decent options across the price range that will also work well.

The single most important part of the laptop specification for pentesting will be the RAM. Ideally you want 16GB but can get the job done with 8GB. This is for pentesting and NOT “labbing”. Lab environments require as much RAM as you can afford depending on what you’re planning on doing in your lab and how many concurrent VMs you plan on running. I’ll write up a separate post on setting up a lab and link back to it here when it’s done.

Here’s a list of alternatives to the MacBook Pro I’d be looking to get if I was in the market for a replacement:

– Razer Blade 15 (plus upgrade the RAM to 32GB)

– Dell XPS 15 7590 (comes with 32GB RAM)

If you’re after something at the sub-£1,000 end, these are a good shout:

– Dell 15 5593

– HP ProBook 450 G6

Pro Tips:

Whatever you decide to go with, aim for the fastest storage you can afford (SSD as a minimum and M.2 if it’s an option) plus more/faster RAM.

Don’t pay extra for a faster clock on CPU as you will likely not notice nor benefit from the increased clock speed.

Also consider lowering the GPU option if necessary to free up extra funds to use elsewhere like mentioned above. Speccing the best available GPU in a laptop with the hopes of cracking hashes is not something I’d recommend. If you do find yourself needing to crack some hashes, spin up an EC2 instance instead and use an array of GPUs instead of trying to squeeze performance out of the GPU in your laptop.

Monitor:

I’ve been through a few monitor setups over the years. I started with a single 24″ and went from there to a 3 x 24″ surround setup. While this is great for screen space and gaming the bezels and the issues with getting the screens to line up correctly made it a bit of a pain. Things have moved on in the multi-screen setup space. Getting bezels to align is now a trivial task thanks to the newer drivers.

I now run a single 32″ BenQ with the MacBook Pro and iPad Pro both providing extra screen space if required.

Going forwards the plan is to switch to a single 49″ UltraWide (this should give you a good idea of what that looks like).

Misc. Stuff:

The other part of the puzzle is the USB-C Pro Dock by CalDigit. I have a DisplayPort cable running into the monitor, and an Ethernet cable for wired internet access. A single Thunderbolt 3 cable running into the MacBook Pro provides power, display and audio.

The other part of any decent pentester setup has to include books. With pentesting being such a wide field, having useful resources to within arms reach is crucial for making life easy!

Wrapping Up:

That’s a flyby view of what I use as a pentester. I will follow up with more posts about setups and kit as time goes on. If there’s something specific you want to know or find out about drop me a message on social media.