Overview

GOAT is my self-hosted Active Directory hacking lab built with Ludus on a bare-metal server. The goal was to create a repeatable enterprise-style environment for practicing enumeration, privilege escalation, lateral movement, domain compromise paths, and reporting workflows without touching real production systems.

What I Built

• Bare-metal virtualization host for stable lab performance.
• Ludus-based deployment workflow for repeatable AD environments.
• Windows domain targets, attack workstations, and segmented lab services.
• Practice scenarios for AD enumeration, Kerberos abuse paths, credential exposure, privilege escalation, and post-exploitation validation.

Outcome

The lab gives me a controlled place to sharpen Active Directory tradecraft, test tooling, document findings, and rehearse realistic red-team and pentest workflows in a safe environment.

Image reference: Active-directory.svg by RRZEicons via Wikimedia Commons, CC BY-SA 3.0.