This repository is purposed for security testing in a modern Windows Active Directory domain which is hosted using Windows Server 2022 and consists of Windows 11 workstations. This repository is meant to hold walkthroughs and scripts which can be used to quickly generate active directory domains at scale in a virtual environment.
- Account Discovery (local and domain)
- System Owner/User Discovery
- Domain Trust Discovery
- Password Policy Discovery
- Group Policy Discovery
- Permission Groups Discovery
- System Information Discovery
- File and Directory Discovery
- Network Share Discovery
- System Network Configuration Discovery
- System Network Connections Discovery
Various adversarial defense evasion and credential access techniques which can be tested with this environment:
- Modify Registry
- Domain Policy Modification
- File and Directory Permissions Modification
- Access Token Manipulation
- Use Alternate Authentication Material
- Indicator Removal on Host
- OS Credential Dumping
- Steal or Forge Kerberos Tickets
- Brute Force
- Brute Force: Password Spraying
This environment can also be used to test other adversarial tactics such as persistence, privilege escalation, lateral movement, collection, command and control, exfiltration, and impact.