Chris Long recently released DetectionLab, a Vagrant project that allows defenders or attackers to quickly build an Active Directory domain configured with security monitoring tooling and logging best practices. I wanted to write a quick post about why I'm so excited about this and my experiences getting it set up. I highly recommend reading both the README and this blog post that Chris wrote about the project.
Now that we have a functional Active Directory environment, let's make it do something. In this final article we cover creating users, adding computers to the domain, and creating some basic Group Policy objects.
So, we have a domain controller but we don't have Internet access. Let's fix that as well as add a DHCP server to make things easier on us going forward.
Having a lab is absolutely invaluable for anyone in IT, especially pentesters. Being able to put a new tool or attack through its paces in a safe environment is the best way to learn, and it's the only way to develop new attacks and techniques. Nearly every company uses Active Directory to manage their infrastructure, so it makes sense to start there.