Sandbox Environment

As part of our on-premises deployment option, we offer a dedicated sandbox instance with robust tools for testing and reproducing bug reports

Overview of the Sandbox Instance

The sandbox environment is a fully equipped Kali Linux Instance with pre-installed tools such as Metasploit, Nmap, Wireshark and others, designed to assist in security testing and bug reproduction. This sandbox allows you to safely test bugs without affecting your production environment. The sandbox environment has internet access as well.

Accessing the Sandbox

You can access the Kali Linux instance via Remote Desktop Protocol (RDP) or Secure Shell (SSH), depending on your preference for graphical or command-line interfaces.

Using RDP

  1. Open your RDP client: Use any standard RDP client available on your system.

  2. Connect to the instance: Enter the IP address from the BugBase company settings Dashboard. You will also need the username and private ssh-key, which can be found in the settings as well.

Using SSH

  1. Open your terminal or SSH client.

  2. Enter the following command:

    ssh -i private_sshkey.pem username@ip_address

Guidelines for Using the Sandbox

  • Security Practices: While the sandbox is isolated, it's essential to follow best practices for security to prevent unauthorized access.

  • Resetting the Instance: If you need the instance reset to its original state, please contact support.

  • Support: For technical issues or questions regarding the use of tools within the sandbox, please reach out to our support team.

The Kali Linux sandbox provided by Bugbase enhances your testing capabilities, enabling safe and effective security testing. By utilizing this sandbox, you can ensure that your systems are robust against security vulnerabilities.

Conducting Security Tests

1. Environment Setup

  • Once connected via RDP or SSH, familiarize yourself with the layout and available tools. The desktop environment (if using RDP) will have shortcuts to popular tools, or you can access them from the terminal.

2. Using Pre-installed Tools

  • Metasploit: Use Metasploit for exploiting vulnerabilities. Launch it by typing msfconsole in your terminal.

  • Nmap: Utilize Nmap to scan the network for open ports and running services. Start a scan by typing nmap [options] [target IP].

  • Wireshark: If using RDP, open Wireshark from the graphical interface to monitor network traffic.

Here is the link to view all the tools Kali offers: https://www.kali.org/tools/

Some tools might not be installed by default on the instance, for this you can use apt package manager to install them.

3. Testing and Reproducing Bugs

  • Simulate attacks or reproduce reported vulnerabilities using the tools available. It’s advisable to document your steps and findings systematically.

For any further assistance, please contact our customer support team at queries@bugbase.in

Last updated