Basic Exploitation Techniques Setting up your Own Pen-Testing Lab So for the testing purposes, we should have our own lab to practice using it. This simple setup consists of 2 Virtual-Box machines, however you can expand it as much as you like once you get the idea. First of all, we’re going here to make a schematic of our pen-test lab network as follows: Description of the Network Schematic The Metasploitable host has two Network Interface Cards (NICs). The first one acquires the IP address of “192.168.0.1/24” which is only connected to the Attacker’s machine (on the left side of the schematic) and the second one acquires the IP address of “192.168.1.1/24” which is only connected to a “Windows XP” box. So we can clearly see that the attacker’s machine can’t communicate with the Windows XP box unless the attacker pivots through the Metasploitable box to connect to the Windows one. So now we’re going to setup this test network on Virtual-Box