I'm planning to build a lab to practice pentesting, and i often see a fully virtualized lab is suggested (built only with VMs on person's main computer).
I'm surprised, because these kind of lab will host unsafe VMs from all over the internet (vulnhub.com , ..) .
There is from time to time new vulnerabilities to escape VMs, and it seems to me downloaded VMs could potentially contain malware exploiting one of these vulnerabilities ? (even if the risk is not high)
As a professional in information security, what do you think about this issue, and do you use unsafe VMs on your computer ?
(i hope my english is not too bad, sorry !)