Active Directory Attack Lab: Recon-to-Root
This step-by-step lab walks you through real-world AD attack techniques—starting with port scans and ending in full domain compromise using tools like nmap, kerbrute, evil-winrm, and BloodHound. Perfect for aspiring red teamers and security learners.
By CyberTask Engineer · Medium level
18
Tasks
1
Sections
113
Points
1 hr
Duration
What You'll Learn
- Simulate a complete Active Directory attack chain from recon to domain admin
- Exploit Kerberos, LDAP, and SMB misconfigurations
- Use BloodHound to visualize attack paths and abuse AD permissions
Prerequisites
- Basic networking concepts
- Understanding of Windows Active Directory
Tools & Technologies
Nmap
Kerbrute
Netexec
BloodHound
Evil-WinRM
Impacket
Kali Linux
Ready to Begin?
Sign in or create an account to start this lab and earn points.