Vulnerable-AD: Create a vulnerable active directory that allows you to test most of the attacks in a local project.
Main characteristics
- Randomize attacks
- Full coverage of the reported attacks
- you must run the script on DC with Active Directory installed
- Some of the attacks require a client workstation
Supported attacks
- Abusing ACLs / ACEs
- Kerber-roasting
- AS-REP Roasting
- Abuse DnsAdmins
- Password in the AD User comment
- Password Spraying
- DCSync
- Silver Tickets
- Golden Ticket
- Pass the Hash
- Pass-the-Ticket
- SMB Signing Disabled
You can download it program from here.