PowerSploit vs BadBlood

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework (by PowerShellMafia)

DISCONTINUED

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time. (by davidprowe)

Suggest topics

Source Code

secframe.com

Suggest alternative

Edit details

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

PowerSploit		BadBlood
	Project
18	Mentions	10
8,062	Stars	1,908
-	Growth	-
0.5	Activity	0.0
over 3 years ago	Latest Commit	11 months ago
PowerShell	Language	PowerShell
GNU General Public License v3.0 or later	License	GNU General Public License v3.0 only

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

PowerSploit

Posts with mentions or reviews of PowerSploit. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-27.

Powershell error message help from using Powerview.ps1
4 projects | /r/PowerShell | 27 May 2023

The correct thing to do was importing the Recon.psm1 module, as instructed in the PowerSploit's documentation.
Powerview.ps1 error help
1 project | /r/netsecstudents | 27 May 2023

I joined one of the clients to the domain, then downloaded powerview.ps1 from https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1).
“Malicious” powershell commands for demo
2 projects | /r/PowerShell | 16 Apr 2023

You can grab PowerSploit . Most of the scripts will trigger powershell's Antimalware Scan Interface (AMSI) if you have real-time protection enabled. To be sure, use Invoke-Mimikatz.ps1 as AMSI blocks certain keywords like “invoke-mimikatz” or “amsiutils” since they are widely known to be used for exploitation. So I suggest you use them. Note that you can hide some malicious scripts by running an amsi bypass, thats for another day.
4 AD Attacks and How to Protect Against Them
4 projects | /r/Netwrix | 15 Feb 2023

PowerSploit
Junior Pen Tester - CTF interview
5 projects | /r/AskNetsec | 9 Feb 2023
Compromising Plaintext Passwords in Active Directory
2 projects | /r/Netwrix | 25 Jan 2023

Because the SYSVOL share is open to Authenticated Users, any user in the organization can read the files stored there. Therefore, any user account can find and decrypt the Group Policy file and thereby gain access to the plaintext passwords for Administrator accounts. The PowerSploit command Get-GPPPassword will find and decrypt these passwords for you.
Manipulate Zip/7Zip Archives w/o Disk Write
1 project | dev.to | 13 Jan 2023

Please see PowerShellMafia/PowerSploit for more information about how to run an EXE from the memory. Find examples here: GitHub Examples
Extracting Service Account Passwords with Kerberoasting
3 projects | /r/Netwrix | 2 Dec 2022

Get-NetUser command of PowerSploit
Privilege Escalation with DCShadow
1 project | /r/Netwrix | 22 Nov 2022

The first step is to find out what trusts exist. There are several ways to do this, but two we will leverage through PowerShell are the PowerSploit framework and the Active Directory PowerShell module.
Can i use PowerShell to gain admin privileges
1 project | /r/PowerShell | 16 Aug 2022

Short answer; yes. See PowerUp.ps1: https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1

BadBlood

Posts with mentions or reviews of BadBlood. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-27.

Powershell error message help from using Powerview.ps1
4 projects | /r/PowerShell | 27 May 2023

If you want to try more of this kind of stuff or explore what you can find with PowerSploit I can recommend running BadBlood on your DC (after taking a snapshot) https://github.com/davidprowe/BadBlood It creates a bunch of randomized users, groups, OUs, SPNs and stuff.
Need to setup AD lab for praticing..
2 projects | /r/activedirectory | 25 Mar 2023
Failed with 60 points (with Lab report) in first attempt
4 projects | /r/oscp | 18 Nov 2022
Virtual AD environmnet to play with Bloodhound
2 projects | /r/oscp | 3 Nov 2022
Active directory scripts for setting a lab?
5 projects | /r/AskNetsec | 8 Jun 2022
Complex AD Lab
2 projects | /r/activedirectory | 31 Jan 2022

you may want to check out something like this. https://github.com/davidprowe/BadBlood
BadBlood fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools...
1 project | /r/blueteamsec | 29 Dec 2021
There was a resource I found a while ago, a GitHub repo with scripts for setting up vulnerable AD configurations for a home lab. Does anyone know the one?
5 projects | /r/AskNetsec | 18 Dec 2021
Active directory pen testing lab
3 projects | /r/Pentesting | 18 Jun 2021
Cybersecurity physical labs
2 projects | /r/Pentesting | 30 May 2021

take a look at https://github.com/microsoft/MSLab, you can install Hyper-V 2019 server and use the scenarios to create a lab to your liking. I'm using this approach to establish a stable/consistent starting point for an AD environment with OUs, computers, groups, and users generated randomly by https://github.com/davidprowe/BadBlood to gauge the differences in logging and detection fidelity between different EDR solutions.

What are some alternatives?

When comparing PowerSploit and BadBlood you can also consider the following projects:

BloodHound - Six Degrees of Domain Admin

vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

DSInternals - Directory Services Internals (DSInternals) PowerShell Module and Framework

AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

ADRecon - ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

GOAD - game of active directory

Slingcode - personal computing platform

DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices

mimikatz - A little tool to play with Windows security

WSLab - Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts

BlueHound - BlueHound - pinpoint the security issues that actually matter

ADLab - Custom PowerShell module to setup an Active Directory lab environment to practice penetration testing.