Home

Awesome

<div align="center"> <h1><img alt="GOAD (Game Of Active Directory)" src="./docs/img/logo_GOAD.png"></h1> <br> </div>

New version v3 (beta) is here : https://github.com/Orange-Cyberdefense/GOAD/tree/v3-beta

Description

GOAD is a pentest active directory LAB project. The purpose of this lab is to give pentesters a vulnerable Active directory environment ready to use to practice usual attack techniques.

Warning This lab is extremely vulnerable, do not reuse recipe to build your environment and do not deploy this environment on internet without isolation (this is a recommendation, use it as your own risk).<br> This repository was build for pentest practice.

Licenses

This lab use free windows VM only (180 days). After that delay enter a license on each server or rebuild all the lab (may be it's time for an update ;))

Available labs

<div align="center"> <img alt="GOAD" width="800" src="./docs/img/GOAD_schema.png"> </div> <div align="center"> <img alt="GOAD Light" width="600" src="./docs/img/GOAD-Light_schema.png"> </div> <div align="center"> <img alt="SCCM" width="600" src="./docs/img/SCCMLAB_overview.png"> </div>

Requirements

tldr; quick install

./goad.sh -t check -l GOAD -p virtualbox -m docker
./goad.sh -t install -l GOAD -p virtualbox  -m docker

Installation

Check before install

./goad -t check -l <LAB> -p <PROVIDER> -m <ANSIBLE_RUN_METHOD>

Install

./goad -t install -l <LAB> -p <PROVIDER> -m <ANSIBLE_RUN_METHOD>

goad.sh options

Provisioning

WriteUp

Troubleshoot

Road Map

Road Map for other labs (because these are too heavy for being embedded in goad)

Lab organization

ad/
  labname/            # The lab name must be the same as the variable : domain_name from the data/inventory
    data/
      config.json     # The json file containing all the variables and configuration of the lab
      inventory       # The global lab inventory (provider independent) (this should no contains variables)
    files/            # This folder contains files you want to copy on your vms
    scripts/          # This folder contains ps1 scripts you want to play on your vm (Must be added in the "scripts" entries of your vms)
    providers/        # Your lab available provider
      vmware/
        inventory     # specific vmware inventory
        Vagrantfile   # specific vmware vagrantfile
      virtualbox/
        inventory     # specific virtualbox inventory
        Vagrantfile   # specific virtualbox vagrantfile
      proxmox/
        terraform/    # specific proxmox terraform recipe
        inventory     # specific proxmox inventory
      azure/
        terraform/    # specific azure terraform recipe
        inventory     # specific azure inventory

Special Thanks to

Socials

<a target="_blank" rel="noopener noreferrer" href="https://twitter.com/intent/follow?screen_name=M4yFly" title="Follow"><img src="https://img.shields.io/twitter/follow/M4yFly?label=@M4yFly&style=social" width="100" height="30" alt="Twitter Mayfly"></a> <a target="_blank" rel="noopener noreferrer" href="https://discord.gg/NYy7rsMf3u" title="Join us on Discord"><img src="./docs/img/discord.png" width="100" height="30" alt="Join us on Discord"></a>

Links

Note