Vulnerable-AD: Create a vulnerable active directory that allows you to test most of the attacks in a local project.
Main characteristics
- Randomize attacks
- Full coverage of those mentioned attacks
- you should run it script on a DC with Active Directory installed
- Some of the attacks require a client workstation
Supported attacks
- Abusing ACLs / ACEs
- Kerber-roasting
- AS-REP Roasting
- Abuse DnsAdmins
- Password in the AD User how to
- Password Spraying
- DCSync
- Silver Tickets
- Golden Ticket
- Pass the Hash
- Pass-the-Ticket
- SMB Signing Disabled
You can download the program from here.