AutomatedLab
WSLab
Our great sponsors
AutomatedLab | WSLab | |
---|---|---|
12 | 9 | |
1,933 | 1,140 | |
0.9% | 1.9% | |
8.2 | 7.4 | |
11 days ago | 24 days ago | |
PowerShell | PowerShell | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AutomatedLab
-
Active Directory Security Tools
AutomatedLab - AWESOME for deploying labs - https://github.com/AutomatedLab/AutomatedLab
- AutomatedLab: AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exch
-
Tool that automatically generates a realistic office scenario of vms?
/u/xilhion beat me to the detection lab =] Here's an powershell (dsc) based lab framework: https://github.com/AutomatedLab/AutomatedLab/
- how to start labs and scripts for a beginner
- PSADT: Chaining installs
-
Question about deployments (Hyper-V)
2) Powershell. One example I haven't used this in prod, but I have in a lab is this.
-
SCCM in a homelab
Haven’t used it in a bit but check out automatedlab. They had/have an sccm module that you can tweak to fit your needs. https://github.com/automatedlab/automatedlab
-
Complex AD Lab
This is the go-to creating a starter lab option: https://github.com/AutomatedLab/AutomatedLab.
- 'Powershell Testing Server'?
- AZ-500 Hydration Kit
WSLab
-
I need basic understanding of servers (terminal servers, dns servers, domain controllers etc), ip addresses and rdp
Good on you man, you have some great practical experience that will go a long way. Once you learn more you’ll have something that a lot of IT engineers don’t typically have. I work in IT for a manufacturing environment and having electrical and/or mechanical experience will help a lot with your troubleshooting methodology. You have some great replies here which will hopefully start to bridge that gap. I can also highly recommend creating a small homelab for yourself. You can’t beat hands on learning, and there are a ton of great tools to get you started, e.g., https://github.com/microsoft/MSLab. This will help get you up and running quickly and give you an environment to play with. Good luck dude.
-
Clarification needed.
If you want to pen test AND implement/engineer, the cyber defense emphasis may be the best fit. As you progress, consider whether you're more drawn to networking/infrastructure or systems. A great approach: build labs that you think will be difficult to exploit, attack them, improve them. Lather, rinse, and repeat. you can do that with cloud platforms, web apps, mobile apps, IoT, etc. If you're not sure where to start, get your hands on a decently powered machine and check out the ready-to-build scenarios in MSLabs (https://github.com/microsoft/MSLab The Windows Event Forwarding scenarios are especially interesting).
-
A bit worried
If you have the time and resources for it, consider setting up a complex lab environment (https://github.com/microsoft/MSLab is a helpful starting point) with a few different types of targets. Within that environment, you can break whatever you want, try different hardening techniques, etc. I like to use that type of lab to test detection capabilities and scripted/triggered automations using sysmon, wazuh, and caldera.
- powershell script for setting up a Domain Controller
- Automate hyper-v with code
- Active directory pen testing lab
-
Cybersecurity physical labs
take a look at https://github.com/microsoft/MSLab, you can install Hyper-V 2019 server and use the scenarios to create a lab to your liking. I'm using this approach to establish a stable/consistent starting point for an AD environment with OUs, computers, groups, and users generated randomly by https://github.com/davidprowe/BadBlood to gauge the differences in logging and detection fidelity between different EDR solutions.
- Windows clustering
-
Windows Server for personal use?
Have a look at WSLab for rapid deployment of environments https://github.com/microsoft/WSLab
What are some alternatives?
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
caldera - Automated Adversary Emulation Platform
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
AzViz - ⚡ ☁ Azure Visualizer aka 'AzViz' : A #powershell module to automatically generate Azure resource topology diagrams by just typing a PowerShell cmdlet and passing the name of one or more Azure Resource groups
Microsoft-Integration-and-Azure-Stencils-Pack-for-Visio - Microsoft Integration, Azure, Power Platform, Office 365 and much more Stencils Pack it’s a Visio package that contains fully resizable Visio shapes (symbols/icons) that will help you to visually represent On-premise, Cloud or Hybrid Integration and Enterprise architectures scenarios (BizTalk Server, API Management, Logic Apps, Service Bus, Event Hub…), solutions diagrams and features or systems that use Microsoft Azure and related cloud and on-premises technologies in Visio 2016/2013
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
oh-my-git - An interactive Git learning game!
Azure-MG-Sub-Governance-Reporting - Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.