My favorite way to learn something new is with hands on experience. It’s easy to read a blog article or watch a video and “think” you know something. It’s a different story when you have to do it yourself.
Building a home lab is by far the best way to practice IR and IT admin skills. Here’s a quick collection of where I get my virtual machines and systems from.
Prebuilt Windows Labs
Orange Cyber Defense GOAD
https://github.com/Orange-Cyberdefense/GOAD
GOAD is a pentest active directory LAB project. The purpose of this lab is to give pentesters a vulnerable Active directory environment ready to use to practice usual attack techniques.
DetectionLab
https://github.com/clong/DetectionLab
This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts.
Windows Virtual Machines
Windows 11
https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/
Microsoft offers free pre-configured Windows 11 virtual machines for you to download. These make great resources when spinning up machines simulating a user environment for your lab.
Windows Server 2019
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019
Microsoft also offers free trials for Windows Server. This is a great way to practice building and compromising a domain as well as setting up a test web server and other systems you would encounter in a corporate environment.
VMware
VMware Workstation Pro is now free for personal use. From my experience VMware works far better and is easier to configure vs other solutions such as VirtualBox.
https://support.broadcom.com/group/ecx/productdownloads?subfamily=VMware+Workstation+Pro