Vulnerable-AD – Create A Vulnerable Active Directory That’S Allowing You To Test Most Of Active Directory Attacks In Local Lab

KitPloit – PenTest Tools!–

Create a vulnerable active directory that’s allowing you to test most of active directory attacks in local lab.

Main Features

  • Randomize Attacks
  • Full Coverage of the mentioned attacks
  • you need run the script in DC with Active Directory installed
  • Some of attacks require client workstation

Supported Attacks

  • Abusing ACLs/ACEs
  • Kerberoasting
  • AS-REP Roasting
  • Abuse DnsAdmins
  • Password in AD User comment
  • Password Spraying
  • DCSync
  • Silver Ticket
  • Golden Ticket
  • Pass-the-Hash
  • Pass-the-Ticket
  • SMB Signing Disabled


# if you didn't install Active Directory yet , you can try 
Install-ADDSForest -CreateDnsDelegation:$false -DatabasePath "C:\\Windows\\NTDS" -DomainMode "7" -DomainName "" -DomainNetbiosName "cs" -ForestMode "7" -InstallDns:$true -LogPath "C:\\Windows\\NTDS" -NoRebootOnCompletion:$false -SysvolPath "C:\\Windows\\SYSVOL" -Force:$true
# if you already installed Active Directory, just run the script !
IEX((new-object net.webclient).downloadstring(""));
Invoke-VulnAD -UsersLimit 100 -DomainName ""


  • Add More realistic scenarios
  • Click close issue button on github

View original article on KitPloit – PenTest Tools!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s