vulnerable-AD
ConPtyShell
| vulnerable-AD | ConPtyShell | |
|---|---|---|
| 14 | 3 | |
| 1,870 | 913 | |
| - | - | |
| 0.0 | 0.0 | |
| 20 days ago | over 1 year ago | |
| PowerShell | PowerShell | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vulnerable-AD
-
Student 1 Year out from Grad overwhelmed
At one he also mentions Vulnerable-AD, which might be helpful when learning how to identify and respond to AD attacks. This might give you an idea of what other areas/components to focus on with your projects. Good luck!
-
Active Directory Security Tools
VulnerableAD - perfect for creating a vulnerable AD environment - https://github.com/WazeHell/vulnerable-AD
- Failed with 60 points (with Lab report) in first attempt
- Virtual AD environmnet to play with Bloodhound
-
Vulnerable Machines
This is a pretty cool project: https://github.com/WazeHell/vulnerable-AD
-
Test in one month, kinda gave up but also don't want to skip the test nor do I want to completely bomb. I want to at least try, what are some good resources that are either cheaper/free to prepare?
https://github.com/WazeHell/vulnerable-AD for active directory 4 days.
- Can you recommend good active directory labs?
- Need resources for BO and AD study
-
Vulnerable Active Directory Domain Controller for you to attack! Easy, with tools loaded
I created a vulnerable domain controller. I used wazehell's powershell script, so you can do all kinds of attacks.
-
[HELP] :: AD LAB SETUP
I setup automated Chris Longs Detection Lab, to quickly spin up AD environment, AND i took WazeHell's Vulnerable-ad scripts to make the lab vulnerable to all kinds of attacks. Easy and effective lab with a domain controller, 2 servers and a windows 10 client.
ConPtyShell
-
Powershell doesn't work in my netcat reverse shell
The console/tty support in Windows is not....great. This has only been changing in recent Windows 10 versions. You can run into issues a lot if whatever app you are running does more than basic i/o. One thing you may want to try out is ConPtyShell. It will let you create a much nicer reverse shell experience on newer Windows 10 targets.
- ConPtyShell - Fully Interactive Reverse Shell for Windows :
-
Tips for Windows fully interactive shell
For the longest time, the Windows console just...wasn't very good. It didn't have the kind of PTY support that Linux, etc. had. This has changed in more recent versions of Windows 10, as part of WSL improvements. There is at least one package, ConPtyShell, that takes advantage of this for bind/reverse shell use. Other than that, there is not a whole lot else.
What are some alternatives?
GOAD - game of active directory
terminalizer - 🦄 Record your terminal and generate animated gif images or share a web player
DVWA - Damn Vulnerable Web Application (DVWA)
Chimera - Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
nishang - Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
Terminal-Icons - A PowerShell module to show file and folder icons in the terminal
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
DotFetch - An alternative to NeoFetch on Windows
Testimo - Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests
PoshC2 - A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.