ATLAS offers a low-resource Active Directory security lab
Project ATLAS is a hands-on practice environment for security students and junior . It is intentionally built with weak settings so learners can practice attacks such as getting an initial foothold, mapping the inside of a network, and raising their access level.
It is inspired by projects like GOAD, but its main focus is using fewer resources. Instead of needing 32GB of memory or costly server hosting, it is designed to run on small cloud instances such as Azure or AWS free tiers.
It uses Server Core, low-spec client machines, and modular PowerShell steps that add the weak settings directly instead of relying on heavy setups. Version 1.0 includes Kerberos basics, a simulated 100-user domain with default password leaks and password spraying practice, and through insecure SMB shares and old GPP cpassword data in SYSVOL.
Key points
- Project ATLAS v1.0 is a vulnerable lab for hands-on security practice.
- It targets students and junior .
- It is designed to avoid the usual need for 32GB of memory or expensive hosting.
- It uses Server Core, low-spec clients, and PowerShell phases to inject weak settings.
- The first version covers Kerberos attacks, password spraying, insecure SMB shares, and old GPP cpassword issues.