Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/safebuffer/vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
https://github.com/safebuffer/vulnerable-AD

active-directory penetration-testing powershell redteaming vulnerable-activedirectory vulnerable-ad

Last synced: about 1 month ago
JSON representation

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Host: GitHub
URL: https://github.com/safebuffer/vulnerable-AD
Owner: safebuffer
License: mit
Created: 2020-06-19T09:30:18.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-04-12T18:06:21.000Z (8 months ago)
Last Synced: 2024-10-29T17:39:00.284Z (about 1 month ago)
Topics: active-directory, penetration-testing, powershell, redteaming, vulnerable-activedirectory, vulnerable-ad
Language: PowerShell
Homepage:
Size: 30.3 KB
Stars: 2,005
Watchers: 45
Forks: 388
Open Issues: 10
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - safebuffer/vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab (PowerShell)

README

Vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab

### Main Features
- Randomize Attacks
- Full Coverage of the mentioned attacks
- you need run the script in DC with Active Directory installed
- Some of attacks require client workstation

### Supported Attacks
- Abusing ACLs/ACEs
- Kerberoasting
- AS-REP Roasting
- Abuse DnsAdmins
- Password in Object Description
- User Objects With Default password (Changeme123!)
- Password Spraying
- DCSync
- Silver Ticket
- Golden Ticket
- Pass-the-Hash
- Pass-the-Ticket
- SMB Signing Disabled

### Example
```powershell
# if you didn't install Active Directory yet , you can try
Install-windowsfeature AD-domain-services
Import-Module ADDSDeployment
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\\Windows\\NTDS" -DomainMode "7" -DomainName "cs.org" -DomainNetbiosName "cs" -ForestMode "7" -InstallDns:$true -LogPath "C:\\Windows\\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\\Windows\\SYSVOL" -Force:$true
# if you already installed Active Directory, just run the script !
IEX((new-object net.webclient).downloadstring("https://raw.githubusercontent.com/wazehell/vulnerable-AD/master/vulnad.ps1"));
Invoke-VulnAD -UsersLimit 100 -DomainName "cs.org"
```

### TODO
- Play with workstations !
- Click close issue button on github