7MS #556: How to Build a Vulnerable Pentest Lab
7 Minute Security · Brian Johnson
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Today's episode is brought to us by our friends at Blumira!
Today we kick off a series all about building your own vulnerable pentest lab from scratch, specifically:
- Spinning up a domain controller with a few lines of PowerShell
- Installing Active Directory Domain Services
- Setting up an intentionally cruddy password policy
- Baking in the MS14-025 vulnerability
P.S. if you're looking for a more automated/push-button solution to get up and going with a lab to play in, check out some of these options:
https://github.com/Orange-Cyberdefense/GOAD https://automatedlab.org/en/latest/ https://github.com/microsoft/MSLab https://github.com/davidprowe/BadBlood https://github.com/cliffe/secgen https://github.com/WazeHell/vulnerable-AD