Getting Started
This guide walks you through setting up the networking-tools lab from scratch. By the end, you will have tools installed, vulnerable targets running, and your first scan complete.
Prerequisites
Section titled “Prerequisites”Before you begin, make sure you have:
- Git — to clone the repository
- Docker and Docker Compose — for the vulnerable practice targets
- macOS with Homebrew or Linux with apt/dnf — for installing security tools
Clone and Check Tools
Section titled “Clone and Check Tools”Clone the repository and see which tools are already on your system:
git clone https://github.com/PatrykQuantumNomad/networking-tools.gitcd networking-toolsmake checkmake check scans for all 14 tools the project uses and reports which are installed with their versions. Missing tools show install instructions inline.
Install Missing Tools
Section titled “Install Missing Tools”You do not need every tool to get started — install what you plan to use. Here are the common ones grouped by platform.
macOS (Homebrew)
Section titled “macOS (Homebrew)”brew install nmap wireshark aircrack-ng hashcat sqlmap nikto john-jumbo foremost bind curl netcatbrew install draftbrew/tap/hpingMetasploit requires a separate installer — see the Metasploit nightly installers.
skipfish is available via MacPorts:
sudo port install skipfishLinux (Debian/Ubuntu)
Section titled “Linux (Debian/Ubuntu)”sudo apt install nmap tshark aircrack-ng hashcat sqlmap nikto john foremost hping3 skipfish dnsutils curl netcat-openbsdFor Metasploit, follow the nightly installer guide.
After installing, run make check again to confirm everything is detected.
Start the Lab
Section titled “Start the Lab”The project includes Docker containers with intentionally vulnerable web applications for safe practice:
make lab-upmake lab-statusWait 30—60 seconds for all containers to fully initialize, then visit:
| Target | URL | Credentials |
|---|---|---|
| DVWA | http://localhost:8080 | admin / password |
| Juice Shop | http://localhost:3030 | (register an account) |
| WebGoat | http://localhost:8888/WebGoat | (register an account) |
| VulnerableApp | http://localhost:8180/VulnerableApp | — |
When you are done, stop everything with:
make lab-downRun Your First Scan
Section titled “Run Your First Scan”With the lab running, try a quick port scan against localhost:
make nmap TARGET=localhostOr run a DNS diagnostic against any public domain:
make diagnose-dns TARGET=example.comBoth commands print numbered examples with explanations, then offer to run a safe demo interactively.
Download Wordlists
Section titled “Download Wordlists”Several password-cracking tools (hashcat, john) need wordlists. Download the standard rockyou.txt wordlist:
make wordlistsThis downloads rockyou.txt into the wordlists/ directory.
Next Steps
Section titled “Next Steps”Now that your environment is ready, explore the rest of the project:
- Tools — reference pages for each of the 14 security tools with example commands
- Diagnostics — automated health-check scripts for DNS and connectivity
- Run
make helpto see every available Makefile target