Why Vagrant is good for pentesting


So why?

Vagrant can be good in a pentesting environment because you can spin up a VM of your environment, save all your tools and files, then box it up. After each pentest you delete the data and reinstate the box, which lets you keep a custom box for doing security testing.

The time saved can be used to further your pentest instead of waiting to download that tool you forgot back at the office. Or worse, your pentest is in an environment that disallows outside connections due to security.

Concerns

While I don't personally know of any security problems inherent to Vagrant on local file installs, fetching over the internet can lead to problems, as most boxes are downloaded over HTTP and thus could be subjected to man-in-the-middle (MITM) attacks.
This blog has a great post on how to break into (and out of) a Vagrant VM to maliciously attack the machine: Breaking in and out of vagrant

Takeaways

  • don't use Vagrant on insecure networks
  • keep things local, with no external ports; apparently the new Vagrant default is to bind 2222 to 127.0.0.1 (GitHub issue about binds)
  • treat the VM like any other environment: shred it, along with any sensitive info it contains, when done
  • disable shared folders if they aren't used in the VM
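
The takeaways above can be checked mechanically before `vagrant up`. The following is an added example, not code from the original post or from the Vagrant project: a small Ruby linter that scans a Vagrantfile for plain-HTTP box URLs, forwarded ports not bound to 127.0.0.1, and a default shared folder left enabled. The function name `audit_vagrantfile`, the finding messages and the sample Vagrantfile (including its box name and URL) are constructed for illustration.

```ruby
# Constructed sample Vagrantfile used only as input for the linter.
SAMPLE = <<~'VF'
  Vagrant.configure("2") do |config|
    config.vm.box = "pentest-base"
    config.vm.box_url = "http://boxes.example.test/pentest-base.box"
    config.vm.network "forwarded_port", guest: 8080, host: 8080
    config.vm.network "forwarded_port", guest: 22, host: 2222, host_ip: "127.0.0.1", id: "ssh"
    # config.vm.synced_folder ".", "/vagrant", disabled: true
  end
VF

# Hypothetical helper: returns a list of findings for the given Vagrantfile text.
def audit_vagrantfile(text)
  findings = []
  # Drop blank and comment lines so a commented-out setting does not count.
  lines = text.lines.map(&:strip).reject { |l| l.empty? || l.start_with?("#") }

  lines.each do |l|
    # A box fetched over plain HTTP can be tampered with in transit.
    findings << "box_url uses plain HTTP" if l =~ /box_url\s*=.*["']http:\/\//
    # This setting turns off TLS certificate checks for the box download.
    if l =~ /box_download_insecure\s*=\s*true/
      findings << "TLS verification disabled for box download"
    end
    # Forwarded ports should listen on loopback only.
    if l.include?("forwarded_port") && l !~ /host_ip:\s*["']127\.0\.0\.1["']/
      findings << "forwarded port not bound to 127.0.0.1: #{l[/host:\s*\d+/]}"
    end
  end

  # A remote box with no pinned checksum cannot be verified after download.
  if lines.any? { |l| l =~ /box_url\s*=/ } &&
     lines.none? { |l| l =~ /box_download_checksum\s*=/ }
    findings << "no box_download_checksum pinned"
  end
  # The project directory is shared at /vagrant unless explicitly disabled.
  unless lines.any? { |l| l =~ /synced_folder\s+["']\.["'].*disabled:\s*true/ }
    findings << "default synced folder not disabled"
  end
  findings
end

puts audit_vagrantfile(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

The check is line-based text matching, so it will miss settings built dynamically in Ruby; treat a clean result as a baseline, not proof.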