top of page

Penetration Testing Lab Setup on Digital Ocean

Updated: Aug 11, 2023

"Security isn’t something you buy, it’s something you do, and it takes talented people to do it right."

You can find a detailed video demonstrating these steps on our official YouTube channel at Penetration Testing Lab Setup on Digital Ocean. Note that this blog is best understood when viewed along with the aforementioned accompanying video.


Digital Ocean provides free credits worth $200, an excellent option for creating penetration testing labs. Follow the instructions provided in the video to set up the pentest lab. Sign up and create your Digital Oceans account using the URL and obtain free credits of $200.

Below is a basic flow of what must be done to create your pentest lab.

  • Please create a user on the Digital Ocean platform and configure it to work over SSH.

  • Install essential services such as docker.

  • Install and set up the needed vulnerable services such as DVWA etc.



  • Login into your newly created digital ocean account using the login page on digital ocean's website. It should look something like this:

Login Page

  • Create a new project (if one doesn't exist already) in the UI post-login, and it should look something like this:

Project Page

  • Create a new "Droplet" under your newly created project and in the submenu, choose the Ubuntu version you wish to create while configuring the various options per your machine's requirements.

  • Please refer to the linked video at the top of this blog to view our recommended configuration, or click here. Once ready, make sure to enable the SSH configurations on your machine ( it's recommended to use the "SSH Keys" instead of "Passwords")

  • If you are not sure how to create and use "SSH Keys," please refer to this link.

Login into your digital ocean account as the root (sudo) user. Please refer to this video if you face any issues logging in.

  • Create a new user and add sudo privileges.

adduser user 
usermod -aG sudo user  

Login as "user" using:

su user 
  • Install docker in the machine using

sudo apt-get update
sudo apt-get install
sudo systemctl enable docker 
sudo systemctl start docker

Installing vulnerable images

sudo docker pull vulnerables/web-dvwa 
sudo docker run --name web-dvwa -d -p 8080:80 --restart always vulnerables/web-dvwa

sudo docker pull bkimminich/juice-shop 
sudo docker run --name juice-shop -d -p 8081:3000 --restart always bkimminich/juice-shop

Installing other services

 sudo docker run --name=mailhog -p 2525:1025 -p 8025:8025 --restart always mailhog/mailhog

Press "ctrl+a" and press d to exit the screen.

  • (Optional) Install SNMP -

sudo docker run -v /somewhere/with/snmpwalks:/usr/local/snmpsim/data -p 161:161/udp --restart always tandrup/snmpsim

Press "ctrl+a" and press d to exit the screen.

  • (Optional) Install FTP -

sudo docker run --detach --env FTP_PASS=123 --env FTP_USER=user --name my-ftp-server --publish 20-21:20-21/tcp --publish 40000-40009:40000-40009/tcp --restart always --volume /data:/home/user garethflowers/ftp-server

Connecting to services

Now you can connect to the services you created and execute penetration tests.

Create SSH key pair for the account user created above and configure the SSH login for the account user. If you are unsure how to create and use "SSH Keys," please refer to this link.

On your Kali terminal, run the below ssh port forwarding commands. Make sure to replace the <sshprivatekey> with your private key and <yourdropletip> with your droplet public IP.

ssh -L 80: -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 81: -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 25: -i <sshprivatekey> user@<yourdropletip> -fN
ssh -L 21: -i  <sshprivatekey> user@<yourdropletip> -fN

The services are now reachable on your localhost for testing.

Example: DVWA can be accessed by using the URL


Register for instructor-led online courses today!

Check out our free programs!

Contact us with your custom pen testing needs at: or WhatsApp.


Recent Posts

See All


bottom of page