GOAD

GOAD (Game Of Active Directory) is a comprehensive laboratory environment designed for offensive security professionals to master Active Directory exploitation. It leverages Infrastructure as Code (IaC) to automate the deployment of multi-forest, multi-domain environments containing intentionally engineered vulnerabilities.

Key Features

• Automated deployment using Ansible, Vagrant, and Terraform across multiple providers including VirtualBox, VMware, Proxmox, and Azure.
• Multiple lab variants including GOAD-Full (5 VMs), GOAD-Light, MINILAB, and specialized SCCM environments.
• Integrated challenges like NHA and DRACARYS that provide "black-box" scenarios without pre-defined network schemas.
• Support for a vast range of AD attack vectors including Kerberoasting, ASREPRoasting, ACL abuse, GPO exploitation, and cross-forest trust attacks.

Use Cases

• Practicing post-exploitation and lateral movement techniques in a complex, multi-domain Windows environment.
• Testing red team tradecraft and custom malware in a realistic AD forest without risking production systems.
• Developing and verifying detection signatures for common and advanced Active Directory attack patterns.
• Preparing for professional offensive security certifications focused on Windows infrastructure and network environments.