Posts Building a Malware Lab in Qubes

Building a Malware Lab in Qubes

I’ve been moving to Qubes OS this past year. This past week I needed a windows hacking lab for some research. I am going to isloate the network from the other VMs to prevent any malicious code from getting out of control.


qvm-create -s --label red --hvm win10
qvm-prefs -s win10 memory 4096
qvm-start --cdrom=OtherVM:/home/user/Downloads/SomeWindowsISO.iso win10
qvm-start win10

Windows 10 Install
Follow the windows installation instructions here

  1. Update the OS
  2. Install desired software
    1. Brave Browser
    2. Wireshark
  3. qvm-clone win10 win10-backup

Networking VM
We need a proxy machine to send traffic. Some malware will reach out to the web and we need respond.

  1. Deploy Debian VM
  2. Install INetSim and PolarProxy. Link
    1. Setup a Dummy interface
      1. sudo lsmod | grep dummy
      2. sudo modprobe dummy
      3. sudo lsmod | grep dummy
      4. sudo ip link add eth10 type dummy
      5. ip link show eth10

Penetration Testing Box
We will install avoid the bloat that is kali and install a custom linux with a few useful tools.


To be continued….

This post is licensed under CC BY 4.0 by the author.

Trending Tags


Trending Tags