ADPenTest Lab

This repository ami to provide a quick setup for simple AD penetration environment, including

• Azure AD PenTest Environment
  • Quick start template to build one domain controller and a compute ready for join domain
  • Leverage the Azure bastion server to RDP to enhance the ADPen environment.
• Domain Attack Kill Chain Lab
  • Reconn
    • SPN scanning
    • User, Group, Computer enum
    • High privilege account hunting
    • Attacking path finding
  • PrivilegeEsclation
    • Exploiting group policy vulnerability
    • Hidden account
  • CredentialDumping & Lateral Movement
    • Responder
    • Handcraft of simple Mimikatz
    • Kerberoasting
  • Persistence
    • NTLM Relay
    • DC sync
  • Defense&Detection
    • How to mitigate Mimikatz

---

AD Pen test environment quick setup in Azure

• This template creates two VM in Azure. One is domain controller and the other one is computer that is for join domain.
• Since default network security group does not allow inbound connection from internet and there are no public IP in those VMs, you need to use bastion server to connect VMs. if you want to RDP directly, you need to add public IP and change the network security group.

---

Tips

1. Change the VMs to what you want in the Azure deployment page.
2. Customize parameters in azuredeploy.parameters as you see appropriate.