Welcome to our Project!
Suggest Idea · Support us · See License

Architecture

Overview

1. Part 1 Project Setup and Diagram Design
   Learn how to design the logical structure of your lab environment using Draw.io, and plan the hardware requirements.

2. Part 2 Installing Virtual Machines
   Set up Windows, Kali Linux, and Ubuntu servers on VirtualBox, and configure your lab environment.

3. Part 3 Sysmon and Splunk Installation
   Install and configure Sysmon and Splunk to collect and analyze telemetry from your Active Directory environment.

4. Part 4 Active Directory Setup
   Install and configure Active Directory Domain Services, promote your server to a Domain Controller, and join machines to the domain.

5. Part 5 Attack Simulation and Telemetry Analysis
   Simulate brute-force attacks using Kali Linux, and analyze the telemetry in Splunk.
   Use Atomic Red Team to simulate attacks for testing detection capabilities.

What You Will Learn

In this project, you'll set up a fully functional Active Directory lab, install and configure key services such as Splunk and Sysmon, and simulate cyber attacks.
You'll get hands-on experience in setting up a domain environment, configuring security monitoring, and performing attack simulations.

You'll also learn how to...

• Design and plan a network architecture
• Install and configure multiple virtual machines
• Set up Active Directory Domain Services
• Monitor and analyze security logs using Splunk
• Simulate cyber attacks and test your detection capabilities

Used Tools

• Draw.io Create network diagrams easily.
• VirtualBox Run multiple virtual machines on your computer.
• Windows Server 2022 – Set up Active Directory services.
• Kali Linux A Linux system used for security testing.
• Splunk Collect and analyze logs from your machines.
• Sysmon – Track detailed system events on Windows.
• Atomic Red Team Simulate attacks to test your security setup.

Why You Should Do This

This project is great for anyone looking to level up their IT admin or cybersecurity skills, or both. If you're looking to boost your technical expertise and gain real-world experience in setting up and managing a domain environment, this hands-on project is perfect for you. It's also great preparation for interviews. You'll also get some great experience in monitoring and detecting attacks using industry-standard tools like Splunk and Sysmon.

By the time you're done with this project, you'll be ready to talk about Active Directory architecture and security monitoring in professional settings, including job interviews.

Let's get Started

Ready to build your own Active Directory lab?

Follow the Parts below step by step to complete your project. You'll start by setting up a network, then move on to installing virtual machines, configuring Active Directory, and finally simulating attacks.

Links to Each Part

1. Part 1 Project Setup and Diagram Design
2. Part 2 Installing Virtual Machines
3. Part 3 Sysmon and Splunk Installation
4. Part 4 Active Directory Setup
5. Part 5 Attack Simulation and Telemetry Analysis

Our License

Creative Commons (CC BY-NC-SA 4.0)

This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.