Invoke-ADLabDeployer: Automated deployment of Windows and Active Directory test lab networks

Invoke-ADLabDeployer

Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.

During red teaming gigs, we encounter many different setups for our clients. To test our payloads and to review our artifacts we need a lab that allows us to quickly deploy Windows OS version X with Office version Y, in a fully working AD and a network setup that has separate broadcast segments. Invoke-ADLabDeployer does the heavy lifting. From there on you can easily tune to your exact liking, e.g. create specific GPO’s, install extra software, and make any other final tuning for the setup that you need.

Invoke-ADLabDeployer relies heavily on techniques like Hyper-V, Sysprep and (remote) Powershell for the deployment and configuration.

There are other projects out there that do similar things. But Invoke-ADLabDeployer has support for all Windows OS versions currently encountered at clients, specifically support for Win7 and Server2008R2, while keeping resource usage low by using smart Hyper-V tricks like differencing disks, dynamic memory, etc. More background info and reasoning why this script has added value over others as well as over Azure here

Flow of script

On a generic level, the following tasks are performed:

• Read the configuration file and perform syntax checks
• Basic check on host OS network setup, i.e. required packages, enable routing and set WSMan trustedhosts
• Virtual network setup.
• Make linked copies (differencing disks) to the parent VHDs.
• Mount the linked disks and edit the unattend file to inject hostname, IP address, local user, etc.
• Unmount the disks and create the new virtual guests from the linked VHDs.
• Power on, wait some time for sysprep to complete.
• Install and configure the Active Directory Domain Controller.
• Have clients join the new domain.
• Install Office and other software packages.
• Perform final configs of local settings, e.g. RDP, Windows Update, some performance tuning, etc.

Download

git clone https://github.com/outflanknl/Invoke-ADLabDeployer.git

Usage

Import: Import-Module .\Invoke-ADLabDeployer.ps1

Start deployment: Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -Verbose

Test the config file: Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -CheckConfigOnly

Have the config returned into local hashtables: $return_net,$return_sys,$return_adds = Invoke-ADLabDeployer -LabConfigFile configs\labs_config.xml -Name demolab -CheckConfigOnly

Copyright (c) 2018, Marc Smeets
All rights reserved.

Source: https://github.com/outflanknl/