Vulnerable Active Directory Lab

I'm currently learning pentesting techniques for Active Directory, and I've been sharing my progress on YouTube. Today, I'd like to recommend an incredible tool I found on GitHub that allows us to create a vulnerable Active Directory environment for testing various Active Directory attacks in a local lab. This tool is a PowerShell script that automates user and group creation, assigns improper ACL permissions, leaks information, and makes users kerberoastable and asreproastable, among other vulnerabilities.

It's important to note that this tool is intended for use in a local lab environment, and you should run the script on a Domain Controller with Active Directory installed. Its purpose is for practice, learning, and gaining a better understanding of concepts for pentesting.

Here's the link to the official repository: [Vulnerable-AD Repository]. Additionally, someone forked the repository and made some interesting changes to the script: [Forked Repository with Changes].

I also forked it and added an ASREProast to Zerologon Writeup: [My Fork with Additional Writeup]. My plan is to create writeups that demonstrate various ways to perform attacks in this lab environment.

I highly recommend exploring the entire lab to discover your own path towards achieving Domain Admin status.

Supported Attacks

  • Abusing ACLs/ACEs
  • Kerberoasting
  • AS-REP Roasting
  • Abuse DnsAdmins (...)
  • Password in AD User comment
  • Password Spraying
  • DCSync (...)
  • Silver Ticket (...)
  • Golden Ticket (...)
  • Pass-the-Hash (...)
  • Pass-the-Ticket (...)
  • SMB Signing Disabled
  • Bad WinRM permission
  • Anonymous LDAP query
  • Public SMB Share
  • Zerologon (Check version)
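To confirm which accounts the lab script left exposed (or to check another domain for the same misconfigurations), the following read-only audit covers three items from the list: Kerberoasting, AS-REP Roasting, and passwords in user comments. It is an added example, not part of the Vulnerable-AD script or the original post. The function name `Get-LabAccountFinding`, the keyword pattern, and the choice of the `Description` attribute as the "comment" field are assumptions.

```powershell
# Added example: read-only audit of a lab domain for three weaknesses from the list above.
# Requires the ActiveDirectory module (RSAT); intended to be run on the lab Domain Controller.
Import-Module ActiveDirectory

function Get-LabAccountFinding {
    [CmdletBinding()]
    param(
        # Assumption: keywords suggesting a credential was left in the Description field.
        [string]$DescriptionPattern = 'pass|pwd|cred'
    )

    $users = Get-ADUser -Filter * -Properties ServicePrincipalName, DoesNotRequirePreAuth, Description

    foreach ($u in $users) {
        $findings = @()

        # Kerberoasting exposure: a user account that carries an SPN.
        # krbtgt always has one by design, so it is excluded.
        if ($u.ServicePrincipalName.Count -gt 0 -and $u.SamAccountName -ne 'krbtgt') {
            $findings += 'SPN set on user account (kerberoastable)'
        }

        # AS-REP Roasting exposure: Kerberos pre-authentication is disabled.
        if ($u.DoesNotRequirePreAuth) {
            $findings += 'Kerberos pre-authentication not required (AS-REP roastable)'
        }

        # Password in AD user comment: keyword match on Description (assumed field).
        if ($u.Description -match $DescriptionPattern) {
            $findings += 'Description may contain a password'
        }

        # Emit one row per finding so the output can be sorted and exported.
        foreach ($f in $findings) {
            [pscustomobject]@{
                SamAccountName = $u.SamAccountName
                Enabled        = $u.Enabled
                Finding        = $f
            }
        }
    }
}

Get-LabAccountFinding | Sort-Object Finding, SamAccountName | Format-Table -AutoSize
```

Running it before and after remediation (removing unneeded SPNs, re-enabling pre-authentication, clearing descriptions) shows which findings are actually closed.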

