search

Game Of Active Directory (GOAD)

hashtag
🎮 Game Of Active Directory (GOAD)

A vulnerable Active Directory lab project by Orange Cyberdefense designed for real‑world Red, Blue, and Purple Team training.

hashtag
📌 Overview

Game Of Active Directory (GOAD) is an open‑source Active Directory penetration testing lab created by Orange Cyberdefense. It allows security professionals to practice AD attacks, misconfiguration abuse, and detection engineering in a safe, isolated environment.

GOAD intentionally contains:

  • Weak credentials

  • Misconfigured ACLs

  • Poor delegation models

  • Vulnerable services (SMB, MSSQL, IIS)

This makes it ideal for hands‑on AD learning without building everything manually.

🔗 Official Docs: https://orange-cyberdefense.github.io/GOAD/

hashtag
🧠 Why GOAD for Active Directory Practice?

  • Realistic multi‑domain AD environments

  • Built by real incident responders & red teamers

  • Repeatable, scripted lab deployment

  • Supports multiple virtualization platforms

  • Perfect for red team, blue team, and purple team workflows

hashtag
📦 Available GOAD Labs

Lab
Description

GOAD (Full)

5 VMs, 2 forests, 3 domains (complex enterprise‑like setup)

GOAD‑Light

3 VMs, 1 forest, 2 domains (hardware‑friendly)

MINILAB

2 VMs (DC + workstation) – beginner friendly

SCCM

Includes Microsoft SCCM for attack practice

NHA

No hints provided – discover the environment yourself

hashtag
🏗️ Architecture Overview

A typical GOAD lab includes:

  • Windows Domain Controllers

  • Domain Member Servers

  • Workstations

  • Multiple trusts and forests

Example (Full GOAD):

  • kingslanding → sevenkingdoms.local

  • winterfell → north.sevenkingdoms.local

  • meereen → essos.local

  • castelblack → IIS / MSSQL

  • braavos → SMB / MSSQL

hashtag
⚙️ System Requirements

hashtag
Host Requirements

  • Linux (Ubuntu recommended)

  • Python 3.10+

  • 16–32 GB RAM recommended

  • 150+ GB free disk space

hashtag
Supported Providers

  • VirtualBox

  • VMware Workstation / ESXi

  • Proxmox

  • Azure / AWS

  • Ludus

hashtag
🚀 Installation (Ubuntu + VirtualBox)

hashtag
1️⃣ Install Dependencies

hashtag
2️⃣ Clone GOAD

hashtag
3️⃣ Validate Environment

hashtag
4️⃣ Deploy the Lab

hashtag
5️⃣ Interactive Mode

hashtag
☁️ Using Other Providers

Example (VMware):

Example (Azure):

hashtag
🧪 What You Can Practice in GOAD

hashtag
🔴 Red Team

  • AD enumeration

  • Kerberos abuse

  • ACL exploitation

  • Lateral movement

  • Persistence techniques

hashtag
🔵 Blue Team

  • Log analysis

  • AD attack detection

  • GPO hardening validation

  • Incident replay

hashtag
🟣 Purple Team

  • Attack → Detect → Improve loops

  • MITRE ATT&CK mapping

  • Control validation

hashtag
🔁 Resetting & Rebuilding

Destroy lab:

Re‑deploy:

hashtag
📚 Recommended Learning Path

  1. Deploy GOAD‑Light or MINILAB

  2. Enumerate AD structure

  3. Identify misconfigurations

  4. Exploit in a controlled way

  5. Observe impact and logs

  6. Rebuild and repeat

hashtag
⚠️ Ethics & Safety

GOAD is intentionally vulnerable. ⚠️ Never expose labs to the internet. ⚠️ Use only for authorized training and learning.

hashtag
🔗 Useful Resources

  • Official Docs: https://orange-cyberdefense.github.io/GOAD/

  • GitHub Repo: https://github.com/Orange-Cyberdefense/GOAD

  • Community Writeups: https://mayfly277.github.io/categories/goad/

  • AD Fundamentals: https://learn.microsoft.com/en-us/windows-server/identity/active-directory-domain-services

hashtag
🏁 Final Thoughts

GOAD is one of the best free Active Directory labs available today. If you want to master AD attack paths and defenses, this lab is a must‑have in your learning arsenal.

Happy hacking — responsibly ⚔️

PreviousLudus Lab Platform

Last updated