WSLab
Azure Stack HCI, Windows 10 and Windows Server rapid lab deployment scripts (by microsoft)
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time. (by davidprowe)
WSLab | BadBlood | |
---|---|---|
9 | 10 | |
1,142 | 1,906 | |
0.9% | - | |
7.4 | 0.0 | |
30 days ago | 11 months ago | |
PowerShell | PowerShell | |
MIT License | GNU General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
WSLab
Posts with mentions or reviews of WSLab.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-10-10.
-
I need basic understanding of servers (terminal servers, dns servers, domain controllers etc), ip addresses and rdp
Good on you man, you have some great practical experience that will go a long way. Once you learn more you’ll have something that a lot of IT engineers don’t typically have. I work in IT for a manufacturing environment and having electrical and/or mechanical experience will help a lot with your troubleshooting methodology. You have some great replies here which will hopefully start to bridge that gap. I can also highly recommend creating a small homelab for yourself. You can’t beat hands on learning, and there are a ton of great tools to get you started, e.g., https://github.com/microsoft/MSLab. This will help get you up and running quickly and give you an environment to play with. Good luck dude.
-
Clarification needed.
If you want to pen test AND implement/engineer, the cyber defense emphasis may be the best fit. As you progress, consider whether you're more drawn to networking/infrastructure or systems. A great approach: build labs that you think will be difficult to exploit, attack them, improve them. Lather, rinse, and repeat. you can do that with cloud platforms, web apps, mobile apps, IoT, etc. If you're not sure where to start, get your hands on a decently powered machine and check out the ready-to-build scenarios in MSLabs (https://github.com/microsoft/MSLab The Windows Event Forwarding scenarios are especially interesting).
-
A bit worried
If you have the time and resources for it, consider setting up a complex lab environment (https://github.com/microsoft/MSLab is a helpful starting point) with a few different types of targets. Within that environment, you can break whatever you want, try different hardening techniques, etc. I like to use that type of lab to test detection capabilities and scripted/triggered automations using sysmon, wazuh, and caldera.
- powershell script for setting up a Domain Controller
- Automate hyper-v with code
- Active directory pen testing lab
-
Cybersecurity physical labs
take a look at https://github.com/microsoft/MSLab, you can install Hyper-V 2019 server and use the scenarios to create a lab to your liking. I'm using this approach to establish a stable/consistent starting point for an AD environment with OUs, computers, groups, and users generated randomly by https://github.com/davidprowe/BadBlood to gauge the differences in logging and detection fidelity between different EDR solutions.
- Windows clustering
-
Windows Server for personal use?
Have a look at WSLab for rapid deployment of environments https://github.com/microsoft/WSLab
BadBlood
Posts with mentions or reviews of BadBlood.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-27.
-
Powershell error message help from using Powerview.ps1
If you want to try more of this kind of stuff or explore what you can find with PowerSploit I can recommend running BadBlood on your DC (after taking a snapshot) https://github.com/davidprowe/BadBlood It creates a bunch of randomized users, groups, OUs, SPNs and stuff.
- Need to setup AD lab for praticing..
- Failed with 60 points (with Lab report) in first attempt
- Virtual AD environmnet to play with Bloodhound
- Active directory scripts for setting a lab?
-
Complex AD Lab
you may want to check out something like this. https://github.com/davidprowe/BadBlood
- BadBlood fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools...
- There was a resource I found a while ago, a GitHub repo with scripts for setting up vulnerable AD configurations for a home lab. Does anyone know the one?
- Active directory pen testing lab
-
Cybersecurity physical labs
take a look at https://github.com/microsoft/MSLab, you can install Hyper-V 2019 server and use the scenarios to create a lab to your liking. I'm using this approach to establish a stable/consistent starting point for an AD environment with OUs, computers, groups, and users generated randomly by https://github.com/davidprowe/BadBlood to gauge the differences in logging and detection fidelity between different EDR solutions.
What are some alternatives?
When comparing WSLab and BadBlood you can also consider the following projects:
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab