Skip to content

Latest commit

 

History

History
145 lines (103 loc) · 2.9 KB

README.md

File metadata and controls

145 lines (103 loc) · 2.9 KB

Description

Playground for Blue Team / Red Team exercises on Active Directory. Designed to be automatically deployed and easily extensible with custom scenarios.

image

Architecture

graph LR
    subgraph "Local Host (Linux)"
        A1["Vagrantfile"] --> A2["VirtualBox"]
        A3["Ansible"] -->|Runs Playbooks| A2
        A4["Makefile"] -->|Invokes Targets| A3
        A5["Scripts/"] -->|Provides PowerShell Tasks| A3
    end

    subgraph "VirtualBox VMs"
        B1["Windows Server AD"] -->|Provisioned by| A2
        B2["BadBlood"] -->|Seeds Data| B1
        B3["Red Team Tools"] -->|Exploit| B1
        B4["Blue Team Tools"] -->|Patch| B1
        B5["Scanning Tools"] -->|Analyze AD| B1
    end

    A2 --> B1
    A3 --> B2
    A3 --> B3
    A3 --> B4
    A3 --> B5
Loading

Requirements

  • Linux
  • Ansible
  • Vagrant
  • VirtualBox

Installation

git clone https://github.com/MikeHorn-git/ADSecOps.git
cd ADSecOps/

Arch Linux

chmod +x ./requirements/Arch.sh
./requirements/Arch.sh
make setup

Debian

chmod +x ./requirements/Debian.sh
./requirements/Debian.sh
make setup

Usage

Usage: make <target>

Targets:
  setup         Deploy Vagrant and run BadBlood playbook
  deploy        Install requirements
  red           Deploy Red Team playbooks
  blue          Deploy Blue Team playbooks
  scans         Deploy scanning playbooks
  all           Deploy all playbooks
  report        Create a report in PDF format
  clean         Destroy Vagrant VMs
  prune         Prune invalid entries
  distclean     Execute clean and prune commands

Scenarios

Red Team Playbooks

  • vuln_adcs_template_control
  • vuln_kerberos_properties_preauth_priv
  • vuln_permissions_gpo_priv

Blue Team Playbooks

  • patch_kerberos_properties_preauth_priv
  • patch_permissions_gpo_priv

Scanning Playbooks

  • adrecon
  • pingcastle

Provisioning

  • badblood
  • inventory

Create Your Own Scenarios

  • Create Your PowerShell Script

    • Write your PowerShell script and save it in the appropriate scripts/ directory.

  • Create an Ansible Playbook

    *rite an Ansible playbook that:

    • Waits for the script to be available on the target machine.
    • Executes the PowerShell script using win_shell or win_command.

  • Add the Script to Your Repository

    • Place the PowerShell script in the correct path within the repository (e.g., scripts/red/).

  • Run the Playbook

    • Use the Makefile to deploy the script (e.g., red):

      make red

Known Issues

WinRM Command Error

An error occurred executing a remote WinRM command.

Shell: Cmd
Command: hostname
Message: Digest initialization failed: initialization error

Solution: Enable legacy cipher in OpenSSL:

export OPENSSL_CONF=./.openssl-legacy.cnf