Andre Collins_

Active Directory Attack & Defense Lab

Type: Homelab build · Status: In progress · Started: 2026-07-08
Skills / tools: Active Directory, Windows Server, Kali Linux, Nmap, BloodHound, isolated networking

This is a stub, created up front so documentation happens alongside the build. Sections are filled in as the lab progresses. All work is performed on an isolated network on systems I own — nothing here is internet-facing, and no real credentials or PII are used.

Objective

[To fill in] Build a small Active Directory environment and practice a full attack path — enumeration → credential access → privilege escalation to Domain Admin — then note the defensive controls that would have caught each step.

Environment

[To fill in — add network diagram] Host-only / isolated network, segmented from the home LAN. Snapshots taken before each exercise.

Approach & methodology

[To fill in] Recon → enumeration → exploitation → post-exploitation. Screenshots where helpful. Redact real flags/answers — teach the method, not the solution.

Key findings / what happened

[To fill in] Results with sanitized evidence.

Lessons learned

[To fill in] What I understand now that I didn't before.

Pitfalls in live environments

[To fill in] The 3 common pitfalls someone hits getting this working for real, and how to get through them efficiently.

Mapping to skills

[To fill in] AD attack paths, enumeration, privilege escalation, secure configuration — and the defensive/detection counterpart for each.

← Back to projects