WazeHell / Vulnerable Ad
Licence: mit
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360
Programming Languages
powershell
5483 projects
Projects that are alternatives of or similar to Vulnerable Ad
Tactical Exploitation
Modern tactical exploitation toolkit.
Stars: ✭ 585 (+62.5%)
Mutual labels: penetration-testing, active-directory
Hunter
(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-0.28%)
Mutual labels: penetration-testing, active-directory
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+6.11%)
Mutual labels: penetration-testing, active-directory
Dsinternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+115.56%)
Mutual labels: penetration-testing, active-directory
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+141.67%)
Mutual labels: penetration-testing, active-directory
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 1,392 (+286.67%)
Mutual labels: penetration-testing, active-directory
Mssqli Duet
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-77.22%)
Mutual labels: penetration-testing, active-directory
Minimalistic Offensive Security Tools
A repository of tools for pentesting of restricted and isolated environments.
Stars: ✭ 135 (-62.5%)
Mutual labels: penetration-testing, active-directory
Dnscat2 Powershell
A Powershell client for dnscat2, an encrypted DNS command and control tool.
Stars: ✭ 295 (-18.06%)
Mutual labels: penetration-testing
Osintgram
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (-13.33%)
Mutual labels: penetration-testing
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+878.06%)
Mutual labels: penetration-testing
Reverse Shell Cheatsheet
🙃 Reverse Shell Cheat Sheet 🙃
Stars: ✭ 297 (-17.5%)
Mutual labels: penetration-testing
Pywerview
A (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (-18.89%)
Mutual labels: active-directory
Pode
Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
Stars: ✭ 329 (-8.61%)
Mutual labels: active-directory
Hackdroid
Android Apps, Roms and Platforms for Pentesting
Stars: ✭ 310 (-13.89%)
Mutual labels: penetration-testing
Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab
Main Features
- Randomize Attacks
- Full Coverage of the mentioned attacks
- you need run the script in DC with Active Directory installed
- Some of attacks require client workstation
Supported Attacks
- Abusing ACLs/ACEs
- Kerberoasting
- AS-REP Roasting
- Abuse DnsAdmins
- Password in AD User comment
- Password Spraying
- DCSync
- Silver Ticket
- Golden Ticket
- Pass-the-Hash
- Pass-the-Ticket
- SMB Signing Disabled
Example
# if you didn't install Active Directory yet , you can try
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\\Windows\\NTDS" -DomainMode "7" -DomainName "cs.org" -DomainNetbiosName "cs" -ForestMode "7" -InstallDns:$true -LogPath "C:\\Windows\\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\\Windows\\SYSVOL" -Force:$true
# if you already installed Active Directory, just run the script !
IEX((new-object net.webclient).downloadstring("https://raw.githubusercontent.com/wazehell/vulnerable-AD/master/vulnad.ps1"));
Invoke-VulnAD -UsersLimit 100 -DomainName "cs.org"
TODO
- Add More realistic scenarios
- Click close issue button on github
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].