GOAD (v3)
🔖 Documentation : https://orange-cyberdefense.github.io/GOAD/
- VMs in VirtualBox are slow and stutter, which possibly causes the playbook to timeout when using winrm when connecting to some VMs (dc03 and srv03 in GOAD never timeout)
- Some solutions here: Orange-Cyberdefense#72. I applied the changes to globalsettings.ini and workspace/your-instance/inventory_disable_vagrant.
- Sometimes the wrong IP will be assigned to the VM, so delete all files of that VM from VirtualBox and install via goad.sh again.
- Use VMware, set the network adapters manually. Works like a charm.
- Make sure you DON'T clone the repo on the UNIX filesystem. Clone it on your Windows NTFS drive, otherwise the VMX files of your VMs won't open in VMware.
GOAD is a pentest active directory LAB project. The purpose of this lab is to give pentesters a vulnerable Active directory environment ready to use to practice usual attack techniques.
Caution
This lab is extremely vulnerable, do not reuse recipe to build your environment and do not deploy this environment on internet without isolation (this is a recommendation, use it as your own risk).
This repository was build for pentest practice.
This lab use free Windows VM only (180 days). After that delay enter a license on each server or rebuild all the lab (may be it's time for an update ;))
- GOAD Lab family and extensions overview
- GOAD : 5 vms, 2 forests, 3 domains (full goad lab)
- GOAD-Light : 3 vms, 1 forest, 2 domains (smaller goad lab for those with a smaller pc)
-
MINILAB: 2 vms, 1 forest, 1 domain (basic lab with one DC (windows server 2019) and one Workstation (windows 10))
-
SCCM : 4 vms, 1 forest, 1 domain, with microsoft configuration manager installed
- NHA : A challenge with 5 vms and 2 domains. no schema provided, you will have to find out how break it.