Proxmox Security Lab
I’ve been wanting to build a proper security homelab for a while now, and setting up this Proxmox-based security analysis lab felt like the perfect project to dive deeper into both security and infrastructure automation.
I spun up a complete detection and analysis environment with an Ubuntu ELK stack for data collection, Kali and REMnux for Linux-side analysis, and both a Windows victim machine and FlareVM for Windows analysis.
To make the whole setup reproducible and avoid manual configuration hell, I experimented with Terraform to create the virtual machines and Ansible to provision them, which has been grounding my knowledge of Infrastructure as Code principles. Adding Elastic agents to the Windows machines for fleet management tied everything together nicely, giving me hands-on experience with the kind of security monitoring and incident response workflows I’d only read about before.
overview
- data collection (Ubuntu ELK stack)
- Linux analysis machine (Kali / REMnux)
- Windows victim (win)
- Windows analysis (FlareVM)
IaC
- Terraform to create the assets
- Ansible to provision the machines
fleet management
- Elastic Agent installed on Windows machines
resources
- Taggart Institute variant: https://www.youtube.com/watch?v=Pd3eSdm1aWo
- Kraven Security variant: https://kravensecurity.com/malware-analysis-lab-environment/
- Cyberwox variant: https://cyberwoxacademy.com/building-a-cybersecurity-homelab-for-detection-monitoring/