vulnerable-AD
Adalanche
vulnerable-AD | Adalanche | |
---|---|---|
14 | 17 | |
1,870 | 1,530 | |
- | - | |
0.0 | 9.0 | |
20 days ago | about 1 month ago | |
PowerShell | Go | |
MIT License | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vulnerable-AD
-
Student 1 Year out from Grad overwhelmed
At one he also mentions Vulnerable-AD, which might be helpful when learning how to identify and respond to AD attacks. This might give you an idea of what other areas/components to focus on with your projects. Good luck!
-
Active Directory Security Tools
VulnerableAD - perfect for creating a vulnerable AD environment - https://github.com/WazeHell/vulnerable-AD
- Failed with 60 points (with Lab report) in first attempt
- Virtual AD environmnet to play with Bloodhound
-
Vulnerable Machines
This is a pretty cool project: https://github.com/WazeHell/vulnerable-AD
-
Test in one month, kinda gave up but also don't want to skip the test nor do I want to completely bomb. I want to at least try, what are some good resources that are either cheaper/free to prepare?
https://github.com/WazeHell/vulnerable-AD for active directory 4 days.
- Can you recommend good active directory labs?
- Need resources for BO and AD study
-
Vulnerable Active Directory Domain Controller for you to attack! Easy, with tools loaded
I created a vulnerable domain controller. I used wazehell's powershell script, so you can do all kinds of attacks.
-
[HELP] :: AD LAB SETUP
I setup automated Chris Longs Detection Lab, to quickly spin up AD environment, AND i took WazeHell's Vulnerable-ad scripts to make the lab vulnerable to all kinds of attacks. Easy and effective lab with a domain controller, 2 servers and a windows 10 client.
Adalanche
- Active Directory ACL Visualizer and Explorer
-
Adalanche v2023.5.3 released
You can find open source edition at GitHub (https://github.com/lkarlslund/Adalanche) as usual.
-
Active Directory Security Tools
Adalanche - AD ACL Explorer/Visualizer - https://github.com/lkarlslund/Adalanche
-
Adalanche
Adalanche instantly shows what permissions users and groups have in Active Directory. Collects and analyzes information from AD or from local Windows machines. Allows you to find misconfigurations and see who can take over accounts, machines or the entire domain. Kindly recommended by dcdiagfix.
- adalanche v2021.11.3 released: new UI, better analysis, improved performance
- adalanche: Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
-
A bit of a rant....
You could you try my tool adalanche (https://github.com/lkarlslund/adalanche), which visualizes who can do what in your Active Directory environment. Many managers aren't technical at all, but if they see a graph showing how Mike from HR can basically become DA and then assign himself permissions to read the Director of ITs emails, perhaps that could help convince them.
-
Privileges needed in VCenter to take over a virtualized Domain Controller?
I'm working on an experimental addition to my graph based Active Directory analyzer "adalanche" (https://github.com/lkarlslund/adalanche) and as I'm more blue than red I could use some input from you.
What are some alternatives?
GOAD - game of active directory
BloodHound - Six Degrees of Domain Admin
DVWA - Damn Vulnerable Web Application (DVWA)
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
ldapnomnom - Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
adsys - Active Directory bridging tool suite
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
Testimo - Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests
pingcastle - PingCastle - Get Active Directory Security at 80% in 20% of the time