I'm the one who pwns!
breakingbAD is a plateform for cybersecurity enthusiasts to conduct vulnerability research in an easy and fast way. The current laboratory is Active Directory oriented.
This project wouldn't exist without GOAD (Game of Active Directory). My laboratory is inspired by it (credits to Mayfly) and I strongly recommend giving it a try.
The laboratory contains dangerous AD configurations as well as Windows vulnerabilities (related to patching).
To better name a vulnerability related to dangerous AD configurations, identifiers are used.
- ID = 01 | ESC8
- ID = 02 | NTLMv1
- ID = 03 | WebClient
- ID = 04 | GPO
- ID = 05 | IPv6
- ID = 06 | LLMNR, NBT-NS & mDNS
- ID = 07 | Password in user's description
- ID = 08 | Kerberoasting
- ID = 09 | ASREProasting
- ID = 10 | ESC1
- ID = 11 | Anonymous Logon special group (inside the Pre-Windows 2000 Compatible Access group)
- sAMAccountName spoofing
- ZeroLogon
- Certifried
Currently, the 3 machines used are Windows Server 2019. The images are taken from StefanScherer in version 2019.05.22.
The laboratory make use of the following tools:
- Python
- Vagrant
- Ansible
- VirtualBox
See Read the Docs