Apr 4, 2023Liked by Eric Capuano

Great tutorial, Eric.

Learned a lot this weekend.

I noticed that LimaCharlie apparently changed the lc_sensor.exe to hcp_win_x64_release_4.28.0.exe

Then added the information with -i

Expand full comment
Mar 26, 2023Liked by Eric Capuano

Awesome lab + write up, thanks!

Expand full comment
Aug 3, 2023Liked by Eric Capuano

Thanks Eric! I just got my Sec+ and the timing couldn't have been better. I had been looking for a completely SOC oriented homelab setup but couldn't really find one. While I was studying for the Sec+ I devoted myself to that and put everything else to the side. Now that I'm done with that, I've got this great homelab to do SOC related projects with and start working towards having legitimate resume-ready practical experience for when I'm ready to transition from help desk into cyber. Thanks!

Expand full comment
Jun 2, 2023Liked by Eric Capuano


Expand full comment
Apr 6, 2023Liked by Eric Capuano

should be




Expand full comment

If you are facing the issue I came across while trying to download SwiftOnSecurity's Sysmon config in the article, try manually cloning the code from SwiftOnSecurity GitHub page and manually moving the .XML file to \Temp\Sysmon.

Expand full comment
Mar 7·edited Mar 7


Maybe someone could help.

I am stuck on #3, part F. on the Sensor installation,

----- IN THE WINDOWS VM, open an Administrative PowerShell prompt and paste the following


---> cd C:\Users\User\Downloads

I don't know where to begin since I don't have that path on my system.

I tried to follow LC's directions and download the "download installer" first then<cd into that downloads path and run the <ls_sensor.exe> command but again, no results.

Thank You

Expand full comment

I learned a lot today. Can LimaCharlie and Sysmon be used in place of IBM QRadar for SIEM?

Expand full comment

Hi Eric,

Thanks for this series for us that are new to homelabing. I'm almost done with completing Part 1. However, I'm having trouble getting pass [sudo] password for user: in step 1 of Setting up my attack system with Sliver. Not sure what to put here. I tried using password, but no luck. Also, Gerald Auger's video, which I watched as support to this this page doesn't show what the input to move pass this step. Looking forward to the learning experiences ahead.

Expand full comment

Hi great tutorial! Thank you.

Q: I can SSH from Ubuntu into my main machine no probs but the other way round is an issue currently. Firewalls, password etc aren't an issue. Is it something to do with the sshd_config file in Windows' ProgramData folder? Cheers if you can help.

Expand full comment

So I cant ssh into the ubuntu vm from my host machine. I enabled ssh on the ubuntu side but its still timing out.

Expand full comment

Hey, I have been stuck on the Install Sysmon in Windows VM

Getting an error like

Invoke-WebRequest : Unable to connect to the remote server

At line:1 char:1+ Invoke-WebRequest -Uri https://raw.githubusercontent.com/SwiftOnSecur ...

while downloading the SwiftOnSecurity’s Sysmon config.

Anyone help me out

Thank u!

Expand full comment

Hello, I would like to set up this lab but I have a Mac. Any other blogs to set up the virtual environment with Mac OS? Thank you!!

Expand full comment

where can i find the edit on the VMware workstation cos i seem not to find it to make changes to the IP

Expand full comment

I've followed the steps to a tee. I'm on the sysmon part, but I noticed that I have no connection to the internet, even though NAT is up. Do you know what could possibly be the reason? Thanks

Expand full comment

Hello Eric, I am at the SSH into the Ubuntu VM to install Sliver C2. I am not able to SSH into the VM from my Windows 11 host despite typing the command "ssh user@[IP]. When I try to do so, it says connection timed out for port 22. I need your help on this as this is my first home lab setup and I am in desperate need for hands on experience.

Expand full comment