├── .gitignore
├── ADEnvInit
    ├── ADInit.ps1
    ├── AzureDeployment
    │   ├── ADPenTestEnvDeploy.json
    │   └── ADPenTestEnvDeploy.parameter.json
    ├── gpo
    │   └── FilePermission.zip
    ├── joinDomain.ps1
    ├── relayvictim.ps1
    ├── serviceSetUp
    │   ├── README.md
    │   ├── agreement.exe
    │   ├── helper.cs
    │   ├── helper.exe
    │   ├── securityService.cs
    │   ├── securityService.exe
    │   ├── securityServiceManagement.cs
    │   └── securityServiceManagement.exe
    ├── student.ps1
    └── webServer
    │   └── fileupload.aspx
├── Lab1_Reconn
    ├── README.md
    ├── accessMask.csv
    ├── bloodHound.md
    ├── netLocalGroupAndMemberSMBEnum.cs
    └── translateAccessMask.ps1
├── Lab2_PrivilegeEsclation
    ├── README.md
    ├── openCmdWithUserToken.cs
    └── ycm.jpg
├── Lab3_CredentialDumpingAndLateralMovement
    ├── NTLMCalculator.py
    ├── POCKerberoasting
    │   ├── Kerberoasting.ps1
    │   └── README.md
    ├── POCMimikatz
    │   ├── POCMimikatz.ipynb
    │   └── POCMimikatz.py
    ├── README.md
    └── SMBResponder
    │   ├── README.md
    │   ├── hashCrackCred.png
    │   ├── lab3-1_nbns_spoofer.py
    │   ├── lab3-2_smb_responder.py
    │   ├── packet.py
    │   └── smbSpooferAndResponder.png
├── Lab4_Persistence
    ├── README.md
    └── cve_2018_8581_CredentialCache_DefaultCredentials.cs
├── README.md
└── Solution
    ├── Lab1
        └── README.md
    ├── Lab2
        └── README.md
    └── Lab3
        ├── README.md
        ├── nbnsSpoofer.py
        └── smbResponder.py

/.gitignore:
--------------------------------------------------------------------------------
*.swp
.*
__*
--------------------------------------------------------------------------------
/ADEnvInit/ADInit.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/ADInit.ps1
--------------------------------------------------------------------------------
/ADEnvInit/AzureDeployment/ADPenTestEnvDeploy.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/AzureDeployment/ADPenTestEnvDeploy.json
--------------------------------------------------------------------------------
/ADEnvInit/AzureDeployment/ADPenTestEnvDeploy.parameter.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/AzureDeployment/ADPenTestEnvDeploy.parameter.json
--------------------------------------------------------------------------------
/ADEnvInit/gpo/FilePermission.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/gpo/FilePermission.zip
--------------------------------------------------------------------------------
/ADEnvInit/joinDomain.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/joinDomain.ps1
--------------------------------------------------------------------------------
/ADEnvInit/relayvictim.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/relayvictim.ps1
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/README.md
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/agreement.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/agreement.exe
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/helper.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/helper.cs
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/helper.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/helper.exe
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/securityService.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/securityService.cs
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/securityService.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/securityService.exe
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/securityServiceManagement.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/securityServiceManagement.cs
--------------------------------------------------------------------------------
/ADEnvInit/serviceSetUp/securityServiceManagement.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/serviceSetUp/securityServiceManagement.exe
--------------------------------------------------------------------------------
/ADEnvInit/student.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/student.ps1
--------------------------------------------------------------------------------
/ADEnvInit/webServer/fileupload.aspx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/ADEnvInit/webServer/fileupload.aspx
--------------------------------------------------------------------------------
/Lab1_Reconn/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab1_Reconn/README.md
--------------------------------------------------------------------------------
/Lab1_Reconn/accessMask.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab1_Reconn/accessMask.csv
--------------------------------------------------------------------------------
/Lab1_Reconn/bloodHound.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab1_Reconn/bloodHound.md
--------------------------------------------------------------------------------
/Lab1_Reconn/netLocalGroupAndMemberSMBEnum.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab1_Reconn/netLocalGroupAndMemberSMBEnum.cs
--------------------------------------------------------------------------------
/Lab1_Reconn/translateAccessMask.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab1_Reconn/translateAccessMask.ps1
--------------------------------------------------------------------------------
/Lab2_PrivilegeEsclation/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab2_PrivilegeEsclation/README.md
--------------------------------------------------------------------------------
/Lab2_PrivilegeEsclation/openCmdWithUserToken.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab2_PrivilegeEsclation/openCmdWithUserToken.cs
--------------------------------------------------------------------------------
/Lab2_PrivilegeEsclation/ycm.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab2_PrivilegeEsclation/ycm.jpg
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/NTLMCalculator.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/NTLMCalculator.py
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/POCKerberoasting/Kerberoasting.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/POCKerberoasting/Kerberoasting.ps1
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/POCKerberoasting/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/POCKerberoasting/README.md
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/POCMimikatz/POCMimikatz.ipynb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/POCMimikatz/POCMimikatz.ipynb
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/POCMimikatz/POCMimikatz.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/POCMimikatz/POCMimikatz.py
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/README.md
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/README.md
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/hashCrackCred.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/hashCrackCred.png
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/lab3-1_nbns_spoofer.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/lab3-1_nbns_spoofer.py
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/lab3-2_smb_responder.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/lab3-2_smb_responder.py
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/packet.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/packet.py
--------------------------------------------------------------------------------
/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/smbSpooferAndResponder.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab3_CredentialDumpingAndLateralMovement/SMBResponder/smbSpooferAndResponder.png
--------------------------------------------------------------------------------
/Lab4_Persistence/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab4_Persistence/README.md
--------------------------------------------------------------------------------
/Lab4_Persistence/cve_2018_8581_CredentialCache_DefaultCredentials.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Lab4_Persistence/cve_2018_8581_CredentialCache_DefaultCredentials.cs
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/README.md
--------------------------------------------------------------------------------
/Solution/Lab1/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Solution/Lab1/README.md
--------------------------------------------------------------------------------
/Solution/Lab2/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Solution/Lab2/README.md
--------------------------------------------------------------------------------
/Solution/Lab3/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Solution/Lab3/README.md
--------------------------------------------------------------------------------
/Solution/Lab3/nbnsSpoofer.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Solution/Lab3/nbnsSpoofer.py
--------------------------------------------------------------------------------
/Solution/Lab3/smbResponder.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/newtonguass/ADPenLab/HEAD/Solution/Lab3/smbResponder.py
--------------------------------------------------------------------------------