Jump to content


1

Windows domain real world lab


3 replies to this topic

#1 NooBToBe

NooBToBe

    Member

  • Banned
  • PipPip
  • 10 posts
  • 2337 thanks

Posted 12 January 2019 - 03:22 PM

Hi guys,

After seeing a topic about windows domain pentesting i can saw there is no tutorial on the internet about making a real world lab for making real word pentesting scenario. I know there is a lot of you that will say that exist or they always say real world scenarion etc but at the final thats just a "shitty" lab, a static lab with no real traffic analysis, or share folder/email openning that you must do it yourself in the place of the victim so for real scenarion thats not the case...

i will make an article here or on a pdf format, on how you can make the best professionnal lab for pentesting windows domain. You will have a real world domain with simulated users who generate traffic, type document, surf on the internet, mapping shares, looking for their email and reading them and openning your malicious document, so with all of that you have an amazing real world scenario to pentest and use real world technics...
So you must have to analyse the traffic of the domain and yu will not find the credentilas directly like in other lab, here you will find a lot of garbage like in the real world, some employee of the domain will look youtube, facebook, but other will look their email so they log in ;) Others will open your malicious word document in their email so you can make this attack like in real world, others will mount share folder so you must have to check if you can attack smb port ect ect and all of those employee action will be done automatically without you need to click anywhere, thats like real employee doing their stuff at work!!! you just have to boot yours VMs and start a script and voila, you can start your pentest!!!

So if there is some guys who are interested in this i will do it, thats a long tuto with a lot of things to explain so i will take my time to do it well. I will release it "fast" (1 month at least) if there is a lot of guys interested, and if "nobody" i will sahre it on a blog where i will help new/intermediate pentesters with learning resources/advices/exercises

Have fun

#2 sanscertfreak

sanscertfreak

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 488 thanks

Posted 12 January 2019 - 05:06 PM

This would be great ! Setting up your own labs and doing your own testing is the ultimate learning experience. I'd be interested in this.

#3 JamesTr

JamesTr

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 33 thanks

Posted 12 January 2019 - 08:05 PM

would be interested in this take your time :-)

#4 NooBToBe

NooBToBe

    Member

  • Banned
  • PipPip
  • 10 posts
  • 2337 thanks

Posted 13 January 2019 - 10:03 AM

ok guys i start writing it, like i said that will take me some time but i always do what i promess ;)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top