Development of pentesting training environment

Being used in over 90% of enterprise networks, Active Directory (AD) plays an important role in today's enterprise networks, managing authentication and access control, and thus making it a frequent target for cyberattacks. This thesis focuses on creating a virtual environment that mimics a cor...

ver descrição completa

Detalhes bibliográficos
Autor: Troeger, Alexander
Formato: tesis de maestría
Fecha de publicación:2025
País:España
Recursos:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/450688
Acesso em linha:https://hdl.handle.net/2117/450688
Access Level:acceso abierto
Palavra-chave:Penetration testing (Computer security)
Directories
Pentesting
Active directory
Training environment
Prova de penetració (Seguretat informàtica)
Directoris
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descrição
Resumo:Being used in over 90% of enterprise networks, Active Directory (AD) plays an important role in today's enterprise networks, managing authentication and access control, and thus making it a frequent target for cyberattacks. This thesis focuses on creating a virtual environment that mimics a corporate network with an Active Directory infrastructure. The environment, built using VirtualBox and Vagrant, serves as a platform for penetration testers to explore and learn about AD vulnerabilities and attack vectors. The main part of the thesis simulates an attack path within the virtual environment, accompanied by a detailed report documenting each step. By providing a hands-on training ground and showcasing attack methodologies, this thesis contributes to the field of cybersecurity by equipping students with practical skills to secure AD environments.