From the course: Advanced Pen Testing Techniques for Active Directory
Set up for testing - Active Directory Tutorial
Set up for testing
- [Instructor] We've done a little hands-on work so far, so let's take a look at what we need for the full testing lab for Active Directory. This course is about Active Directory, and so as a minimum, we need a Kali testing workstation and an Active Directory running on a Windows server. It's useful to also have at least one domain workstation. And this is going to make VirtualBox a little bit sluggish. I'll be using these systems on a Proxmox virtualization server, rather than my normal VirtualBox lab. Proxmox is open source, and for serious Active Directory work I'd recommend using it. You can set up a very respectable lab on a secondhand server for just a hundred dollars or so. If you want to install Active Directory and follow along, then you can download and install the 180-day free version of Microsoft server 2019 from the Microsoft site shown here and configure it for the Active Directory domain server role. We've already looked at Nmap and LDAP Admin, and we've installed JXplorer. There are five additional tools we'll be using during the course, and these are useful additions to our testing toolkit. We'll be using PowerShell on the Active Directory itself to carry out testing, and we'll extend Active Directory's built-in capabilities with a package shown here, called DSInternals. We can load DSInternals directly from an administrative PowerShell by entering Set-ExecutionPolicy Unrestricted, Install-Module -Name DSInternals, and we'll confirm. And we'll confirm again. And we've now installed the DSInternals module together with the NuGet package. The second tool we'll use is the Impacket library and its sample Python scripts. We can install them on our Kali workstation with the command sudo apt install python3-impacket. Okay. The third tool we'll need is BloodHound. This comes in two parts: the main BloodHound analysis engine, which is based on the Neo4j graph tool, and the BloodHound Python data collector.
BloodHound isn't installed as standard in Kali, so we need to install it: sudo apt install bloodhound. And this'll take a little while. So let's come back when it's finished. Okay. The second part of getting this tool ready is to install the Python agent. And we do that with pip install bloodhound. Okay, we'll leave this here now and we'll come back to it when we are ready to use it on our Active Directory target. Kerbrute is a Kerberos protocol-based tool which can be used for testing Active Directory accounts. We can download Kerbrute from the ropnop GitHub site. Okay, I've downloaded that with the file name kerbrute. So let's set it to be executable: chmod +x kerbrute. Another tool which we can install is CrackMapExec, shown here. This is a useful multi-protocol testing tool. We install this using apt: sudo apt install crackmapexec. Okay. We've set up the main testing tools. So let's go do some testing.