logo
DATABASE RESOURCES PRICING ABOUT US

Vulnerable-AD - Create A Vulnerable Active Directory That'S Allowing You To Test Most Of Active Directory Attacks In Local Lab

Description

[![](https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s640/Active-Directory.jpg)](<https://1.bp.blogspot.com/-LXoeoTubbWA/XzoR6hDmnBI/AAAAAAAATjg/sFtSIB3fx4obkEensjJrrRuDLfGCuo29gCNcBGAsYHQ/s1600/Active-Directory.jpg>) Create a [vulnerable](<https://www.kitploit.com/search/label/Vulnerable> "vulnerable" ) active directory that's allowing you to test most of active directory attacks in local lab. **Main Features** * Randomize Attacks * Full Coverage of the mentioned attacks * you need run the script in DC with [Active Directory](<https://www.kitploit.com/search/label/Active%20Directory> "Active Directory" ) installed * Some of attacks require client workstation **Supported Attacks** * Abusing ACLs/ACEs * Kerberoasting * AS-REP Roasting * Abuse DnsAdmins * Password in AD User comment * Password Spraying * DCSync * Silver Ticket * Golden Ticket * Pass-the-Hash * Pass-the-Ticket * SMB Signing Disabled **Example** # if you didn't install Active Directory yet , you can try Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\\Windows\\NTDS" -DomainMode "7" -DomainName "cs.org" -DomainNetbiosName "cs" -ForestMode "7" -InstallDns:$true -LogPath "C:\\Windows\\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\\Windows\\SYSVOL" -Force:$true # if you already installed Active Directory, just run the script ! IEX((new-object net.webclient).downloadstring("https://raw.githubusercontent.com/wazehell/vulnerable-AD/master/vulnad.ps1")); Invoke-VulnAD -UsersLimit 100 -DomainName "cs.org" **TODO** * Add More realistic scenarios * Click close issue button on github **[Download vulnerable-AD](<https://github.com/WazeHell/vulnerable-AD> "Download vulnerable-AD" )**