Attending Cyber Threat Hunting Level 1 w/ Chris Brenton | 4-hours and want to run the VM in QEMU/KVM this is how I got it to work. @ActiveCmeasures #activecountermeasures #AIHunter #ThreatHunting #Beacons #Activecountermeasures @Zeekurity

Hi all!

If you are like me attending the Threat Hunting Training Course named Cyber Threat Hunting Level 1 w/ Chris Brenton | 4-Hours on Thursday and want to run the virtual machine in qemu/kvm native do it like this. Download and read the below link!

As always start with the short version!

  1. Convert the VMDK
  2. Import the machine
  3. Fix network

Now lets explain the steps

  1. Convert the VMDK to qcow format with below command.
qemu-img convert -f vmdk -O qcow2 thunt-202102.vmdk thunt.qcow2

2. Create av vm in Virtual Machine Manager

3. Point out the disk you convertet in step 1. I did choose Debian10 as OS

4. Set ram an CPU ( I did 4GB and 2 CPU)

5. Choose network connection I have NAT on my.

6. The last thing is to fix network issue

Change the /etc/netplan/00-installer-config.yaml to match the interface name. In my case the interface is enp8s0

Then reboot or type netplan apply

Now you can use kvm and still attend the course!

Keep hacking!



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at

Up ↑

%d bloggers like this: