How to automate active directory labs for pentesting
What you'll learn
- Build a home lab for practicing Active Directory and hacking skills
- How to automate active directory based demo labs for pentesting, hacking and training requirements?
- Learn how to setup Hyper-V in Windows 10
- Learn how to setup a domain controller
- Learn how to set up Active Directory
- How to join systems to a Domain
- Learn how to setup DHCP server
- Learn how to install PFsense router/firewall and how to configure firewall rules
- How to secure host system from Virtual machines using PFSense
- Basic networking concepts
- Learn about Group Policy Objects
- How to create local users using a GPO
- How to creating security related group policies
- Learn to use AutomatedLab Powershell tool to automate labs.
- You don't need to know anything. I'll hold you by the hand and show you how to do everything step by step from beginning to end.
- Windows 2016 data center edition iso image - trial version can be downloaded from Microsoft.
- Windows 10 iso image - trial version can be downloaded from Microsoft
- Windows 7
This course will show how to create windows based lab environments for hacking and training demos, learn active directory, software testing in various operating systems and many other use cases. We will use Windows 10 as the host operating system and install the lab using Hyper-V hypervisor. AutomatedLab which uses powershell will be used for setting up this lab. Lab will have Active Directory, Multiple VMs, Router, etc. We'll also install variety of software using Chocolatey framework. Once the script is developed, the labs will be created without user intervention. it's simple to destroy and relaunch the labs. As part of this course, you will learn how to:
* Install Hyper-V
* Install AutomatedLab tool
* Download ISOs
* Create simple VMs with Internet Access
* Create Complex Lab with Active Directory
* Perform various activities in the VMs
* Install Chocolatey and Sysmon
Who this course is for:
- Learn to automate active directory labs for pentesting and other use cases.
- Students with passion in IT and looking for simple instructions to set up active directory based home lab
- Anyone trying to get Microsoft certified
- Anyone who wants to learn Active Directory and how to set it up step-by-step
- Learn about Microsoft's Hyper-V virtualization platform
- Anyone struggling to setup a home lab for practicing the skills
- Anyone with passion in security and need a hacking lab
I'm a security expert with over two decades of security consulting experience. Some of my skills are listed below:
Windows Security Expert – Both offensive and defensive techniques
Performed Network pentesting, security code reviews and application risk assessments for customer facing applications at Fortune 100 companies.
Lead and manage security consultants at U.S.Bank to improve security posture of applications, networks, and Mobile applications.
Delivered several million dollars of security services and technology for clients in the financial, retail, healthcare, manufacturing, and utilities sectors.
Performed Red team hacking for many Fortune 500 companies
Introduced security risk assessments and threat modeling techniques into the organization.
Acted as technical authority on security for numerous RFPs and during contract negotiations.
Participated in many PCI Assessments for many small, large and multinational companies and performed gap analysis, consultation, and development of customized solutions.
Audited applications written in multiple languages, including Java/JSP, VB.NET, ASP.NET, C#, C/C++, PHP.
Web Penetration testing to prove Software Security Vulnerabilities with IBM AppScan, Burp Professional, Paros and Manual Fuzzing and Penetration Testing with AppScan and Firefox plug-ins.
Trained, documented and advised application developers in regards to security risks, secure coding best practices, with practical remediation guidance provided to developers.
Drove the adoption of security scanning tools for both development and production use. Tools utilized: Qualys and IBM Rational AppScan.
Trained developers to write secure code using the OWASP software security testing guide.
Found Software security vulnerabilities for clients including: SQL injection, XSS, Cross Site Request Forgery and multiple other vulnerabilities.
Tested many networks and over a thousand Fortune 100 web applications for security issues; tested top company external and internal and penetrated into systems.
Offensive Security Certified Professional (OSCP)
Cisco Certified Network Associate (CCNA)
GIAC GSSP-JAVA Certification
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)