Whether you're breaking into cybersecurity or leveling up your SOC skills, building a proper home lab is non-negotiable. Here's my battle-tested setup that covers blue team defence, red team attack, DFIR, and network security—without breaking the bank. 🎯 Lab Goals · Simulate real enterprise environments · Practice detection, analysis, and response · Run penetration testing and exploit chains · Build SIEM correlation rules and playbooks · Test tools before deploying them at work 🖥️ Hardware Setup Option 1: Budget Build (Under $500 AUD) · Refurbished Dell OptiPlex 7050/9020 (i7, 32GB RAM, 512GB SSD) – ~$300-400 on eBay/Gumtree · External USB 3.0 drive (2TB+) for forensic images and backups – ~$80 Option 2: Serious Build (What I Run) · Custom-built server or Dell R720/R730 (dual Xeon, 128GB+ RAM) · Synology NAS or TrueNAS for storage and backup · Managed switch (TP-Link, Ubiquiti, or Cisco) for VLAN segmentation · Dedicated firewall box running pfSense or OPNsense 💾 Core Software Stack Virtualization Layer · Proxmox VE (free, open-source) – my go-to hypervisor for running multiple VMs and containers · Alternative: VMware Workstation Pro, VirtualBox, or ESXi Network Security · pfSense/OPNsense – firewall, IDS/IPS (Suricata/Snort), VPN, traffic monitoring · Security Onion – full NSM (Network Security Monitoring) suite with Zeek, Suricata, Wazuh, and Kibana Blue Team / SOC · Splunk Free (500MB/day limit) or Elastic Stack (ELK) – SIEM for log ingestion and correlation · Wazuh – host-based intrusion detection, endpoint monitoring, compliance checks · Velociraptor or GRR – endpoint detection and DFIR collection · TheHive + Cortex – case management and automated analysis Red Team / Pentesting · Kali Linux – primary attack platform with all tools pre-installed · Parrot Security OS – alternative to Kali, lighter footprint · Metasploit Framework – exploitation and post-exploitation · Covenant or Havoc C2 – command and control for red team ops · Windows Server + Active Directory – realistic target environment for AD attacks