{"id":20821994,"url":"https://github.com/mikehorn-git/adsecops","last_synced_at":"2025-03-12T06:26:46.415Z","repository":{"id":248315403,"uuid":"823836197","full_name":"MikeHorn-git/ADSecOps","owner":"MikeHorn-git","description":"Offensive / Defensive AD lab","archived":false,"fork":false,"pushed_at":"2025-01-16T20:02:29.000Z","size":2858,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-16T21:18:38.577Z","etag":null,"topics":["active-directory","ansible","lab","vagrant"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MikeHorn-git.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-03T20:28:24.000Z","updated_at":"2025-01-16T20:52:47.000Z","dependencies_parsed_at":"2024-10-23T16:23:53.187Z","dependency_job_id":"828d747f-9c79-4944-b3a6-aca39b5dd6e7","html_url":"https://github.com/MikeHorn-git/ADSecOps","commit_stats":null,"previous_names":["mikehorn-git/adsecops"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MikeHorn-git%2FADSecOps","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MikeHorn-git%2FADSecOps/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MikeHorn-git%2FADSecOps/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MikeHorn-git%2FADSecOps/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/
GitHub/owners/MikeHorn-git","download_url":"https://codeload.github.com/MikeHorn-git/ADSecOps/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243168581,"owners_count":20247372,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-directory","ansible","lab","vagrant"],"created_at":"2024-11-17T22:13:40.754Z","updated_at":"2025-03-12T06:26:46.393Z","avatar_url":"https://github.com/MikeHorn-git.png","language":"PowerShell","readme":"# Description\n\nPlayground for Blue Team / Red Team exercises on Active Directory. Designed to be automatically deployed and easily extensible with custom scenarios.\n\n![image](https://nextperimeter.com/wp-content/uploads/2022/12/MicrosoftTeams-image-75-768x230.jpg)\n\n# Architecture\n\n```mermaid\ngraph LR\n    subgraph \"Local Host (Linux)\"\n        A1[\"Vagrantfile\"] --\u003e A2[\"VirtualBox\"]\n        A3[\"Ansible\"] --\u003e|Runs Playbooks| A2\n        A4[\"Makefile\"] --\u003e|Invokes Targets| A3\n        A5[\"Scripts/\"] --\u003e|Provides PowerShell Tasks| A3\n    end\n\n    subgraph \"VirtualBox VMs\"\n        B1[\"Windows Server AD\"] --\u003e|Provisioned by| A2\n        B2[\"BadBlood\"] --\u003e|Seeds Data| B1\n        B3[\"Red Team Tools\"] --\u003e|Exploit| B1\n        B4[\"Blue Team Tools\"] --\u003e|Patch| B1\n        B5[\"Scanning Tools\"] --\u003e|Analyze AD| B1\n    end\n\n    A2 --\u003e B1\n    A3 --\u003e B2\n    A3 --\u003e B3\n    A3 --\u003e B4\n    A3 --\u003e B5\n```\n\n# Requirements\n\n* Linux\n* Ansible\n* Vagrant\n* VirtualBox\n\n# 
Installation\n\n```bash\ngit clone https://github.com/MikeHorn-git/ADSecOps.git\ncd ADSecOps/\n```\n\n## Arch Linux\n\n```bash\nchmod +x ./requirements/Arch.sh\n./requirements/Arch.sh\nmake setup\n```\n\n## Debian\n\n```bash\nchmod +x ./requirements/Debian.sh\n./requirements/Debian.sh\nmake setup\n```\n\n# Usage\n\n```bash\nUsage: make \u003ctarget\u003e\n\nTargets:\n  setup         Deploy Vagrant and run BadBlood playbook\n  deploy        Install requirements\n  red           Deploy Red Team playbooks\n  blue          Deploy Blue Team playbooks\n  scans         Deploy scanning playbooks\n  all           Deploy all playbooks\n  report        Create a report in PDF format\n  clean         Destroy Vagrant VMs\n  prune         Prune invalid entries\n  distclean     Execute clean and prune commands\n```\n\n# Scenarios\n\n## Red Team Playbooks\n\n* `vuln_adcs_template_control`\n* `vuln_kerberos_properties_preauth_priv`\n* `vuln_permissions_gpo_priv`\n\n## Blue Team Playbooks\n\n* `patch_kerberos_properties_preauth_priv`\n* `patch_permissions_gpo_priv`\n\n## Scanning Playbooks\n\n* `adrecon`\n* `pingcastle`\n\n## Provisioning\n\n* `badblood`\n* `inventory`\n\n# Create Your Own Scenarios\n\n* **Create Your PowerShell Script**\n\n   * Write your PowerShell script and save it in the appropriate `scripts/` directory.\n\n* **Create an Ansible Playbook**\n\n   * Write an Ansible playbook that:\n     * Waits for the script to be available on the target machine.\n     * Executes the PowerShell script using `win_shell` or `win_command`.\n\n* **Add the Script to Your Repository**\n\n   * Place the PowerShell script in the correct path within the repository (e.g., `scripts/red/`).\n\n* **Run the Playbook**\n\n   * Use the Makefile to deploy the script (e.g., `red`):\n\n     ```bash\n     make red\n     ```\n\n# Known Issues\n\n## WinRM Command Error\n\n```bash\nAn error occurred executing a remote WinRM command.\n\nShell: Cmd\nCommand: hostname\nMessage: Digest initialization failed: 
initialization error\n```\n\n**Solution:**\nEnable legacy cipher in OpenSSL:\n\n```bash\nexport OPENSSL_CONF=./.openssl-legacy.cnf\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikehorn-git%2Fadsecops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmikehorn-git%2Fadsecops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikehorn-git%2Fadsecops/lists"}