Created by Fabian Vilela and Jay Turner
Developed during employment at BV Cyber
Automated deployment and management platform for vulnerable Active Directory environments on Azure
WARNING: This platform deploys intentionally vulnerable Active Directory environments. It is designed for authorized security testing, training, and research only. Do not deploy in production environments. Do not expose deployed resources to the internet beyond the auto-configured NSG rules. Users are solely responsible for ensuring compliance with all applicable laws and organizational policies.
COST DISCLAIMER: This tool creates real Azure resources (virtual machines, storage, networking) that incur charges on your Azure subscription. You are fully responsible for all costs associated with resources deployed through this platform. Always shut down deployments when finished and verify all resources have been deleted in the Azure Portal. The maintainers are not responsible for any Azure charges incurred.
- Overview
- Features
- Prerequisites
- Installation
- Quick Start
- Usage
- Development
- Troubleshooting
- Contributing
- License
Auto Infra is an infrastructure management platform designed to rapidly deploy, configure, and manage vulnerable Active Directory environments in Azure. Built for security professionals, red teamers, and penetration testers, it provides an intuitive web interface to spin up realistic attack scenarios with pre-configured vulnerabilities, automated user generation, and integrated attack path management.
- Security Training: Hands-on learning environment for Active Directory attack vectors and defensive techniques
- Exploit Testing: Safe sandbox for validating exploits before client engagements
- Security Research: Flexible platform for AD security research and vulnerability analysis
- CTF Development: Build and deploy custom CTF challenges with realistic AD infrastructure
- One-Click Deployment: Deploy complex multi-domain AD environments in minutes
- Custom Topology Builder: Visual drag-and-drop interface for designing network topologies
- BloodHound Import: Convert BloodHound collections into deployable Azure infrastructure
- Attack Path Management: Enable/disable specific vulnerabilities and attack paths on live environments
- Automated User Generation: Create bulk users with configurable attributes and group memberships
- Certificate Authority Integration: Deploy AD CS with configurable ESC vulnerabilities
- Scenario Versioning: Save deployment states with per-machine version management
- Resource Management: Time-limited deployments with extensible timeouts and automated cleanup
- Docker & Docker Compose: Container runtime (Install Guide)
- Azure Subscription: Active Azure account with Contributor access
- Azure Service Principal: With Contributor role on your subscription
If you don't have a service principal, create one using:
```bash
az ad sp create-for-rbac --name "autoinfra" --role Contributor --scopes /subscriptions/<subscription-id>
```
This outputs the appId (Client ID), password (Client Secret), and tenant (Tenant ID) you'll need.
```bash
git clone https://github.com/bvcyber/AutoInfra.git
# git names the checkout after the repository, so the directory is AutoInfra
cd AutoInfra
docker compose up
```
This will:
- Build the frontend and backend Docker images
- Start both containers
- Expose the frontend on http://localhost:3000
- Expose the backend API on http://localhost:8100
- Navigate to http://localhost:3000
- Go to Azure Setup page
- Enter your Azure service principal credentials:
  - Client ID: Your service principal's application (client) ID
  - Client Secret: Your service principal's secret value
  - Tenant ID: Your Azure AD tenant ID
  - Subscription ID: Your target Azure subscription ID
- Click Authenticate
- Select your preferred deployment region
- Navigate to Build page
- Add nodes from the dropdown (Domain Controllers, CAs, Workstations)
- Connect nodes to define network relationships
- Configure node properties (hostnames, passwords, IP addresses)
- Click Build to deploy to Azure
- Once deployed, enable attacks and create users from the Home page
- Navigate to BloodHound page
- Upload your BloodHound JSON export
- Click Generate Topology to convert to a deployable network
- Review and deploy to Azure
- Configure users and attacks on the live environment
- Navigate to Deploy page
- Select a scenario from the list
- Choose version (unified or per-machine)
- Click Deploy
For detailed usage instructions covering all features, see USAGE.md.
- Home page displays deployment status, jumpbox IP, RDP credentials, and remaining time
- Extend adds 1 hour (maximum 2 extensions, 4 hours total)
- Shut Down destroys all Azure resources immediately
- Deployments automatically clean up after timeout expires
- Navigate to Home page with an active deployment
- Open the Configuration panel and click Attacks
- Select vulnerabilities to enable
- Click Enable Selected Attacks
- Wait for the save blocker timer to complete after deployment
- Click Save as Scenario
- Machine images are captured to Azure Compute Gallery
- Topology, users, and enabled attacks are preserved
- Saved scenarios appear on the Deploy page for future reuse
Frontend:
```bash
cd autoinfra-frontend
npm install
npm run dev
```
Frontend runs on http://localhost:3000
Backend:
```bash
cd autoinfra-backend
pip install -r requirements.txt
python app.py
```
Backend runs on http://localhost:8100
See autoinfra-frontend/src/app/app.config.js for the complete endpoint list.
| Problem | Solution |
|---|---|
| Deployment fails to start | Check Azure authentication on the Azure Setup page. Verify backend is running with docker logs autoinfra-backend |
| Stuck in "Deploying" for >30 minutes | Check Azure Portal for failed deployments in the resource group |
| Cannot RDP to jumpbox | Wait 2-3 minutes after "Deployed" status. Verify NSG rules allow your IP in Azure Portal |
| Attacks not enabling | Check Actions panel for errors. Verify machines are domain-joined and fully initialized |
| Users not appearing | Click Sync Users to refresh. Wait 5 minutes after deployment for domain initialization |
| Deployment won't shut down | Check Azure Portal - resource group may still be deleting. Manually delete if stuck |
For more detailed troubleshooting, see USAGE.md.
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a pull request
For bug reports and feature requests, open an issue on GitHub.
This platform deploys intentionally vulnerable infrastructure. Please:
- Only deploy in authorized environments
- Do not expose deployments beyond the auto-configured NSG rules
- Properly shut down and delete all resources after use
- Report security vulnerabilities in the platform itself to the maintainers privately
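One way to check that a deployment is not exposed beyond the intended NSG rules. This is an added example, not part of the AutoInfra code base. It assumes the field names of `az network nsg list -o json` output; the NSG name, rule names and IP addresses are constructed sample data.

```python
import ipaddress
import json
import sys

INTERNAL_TAGS = {"VirtualNetwork", "AzureLoadBalancer"}  # service tags that are not internet sources

def source_ok(src, allowed):
    """True if src is an internal tag or falls inside an allowed operator CIDR."""
    if src in INTERNAL_TAGS:
        return True
    try:
        net = ipaddress.ip_network(src, strict=False)
    except ValueError:
        return False  # "*", "Internet" or an unrecognized service tag
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)

def exposed_rules(nsgs, allowed_cidrs):
    """Return (nsg, rule, source, ports) for inbound Allow rules open beyond allowed_cidrs."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    for nsg in nsgs:
        for rule in nsg.get("securityRules") or []:
            if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
                continue
            sources = list(rule.get("sourceAddressPrefixes") or [])
            if rule.get("sourceAddressPrefix"):
                sources.append(rule["sourceAddressPrefix"])
            ports = list(rule.get("destinationPortRanges") or [])
            if rule.get("destinationPortRange"):
                ports.append(rule["destinationPortRange"])
            findings += [(nsg["name"], rule["name"], s, ",".join(ports))
                         for s in sources if not source_ok(s, allowed)]
    return findings

def _rule(name, access, src, port, srcs=()):
    return {"name": name, "direction": "Inbound", "access": access,
            "sourceAddressPrefix": src, "sourceAddressPrefixes": list(srcs),
            "destinationPortRange": port, "destinationPortRanges": []}

# Constructed sample shaped like `az network nsg list -o json` (names and IPs are made up).
SAMPLE = [{"name": "lab-jumpbox-nsg", "securityRules": [
    _rule("rdp-operator", "Allow", "203.0.113.7/32", "3389"),
    _rule("rdp-any", "Allow", "*", "3389"),
    _rule("vnet-in", "Allow", "VirtualNetwork", "*"),
    _rule("winrm-mixed", "Allow", None, "5985", ["203.0.113.7", "198.51.100.0/24"]),
    _rule("deny-rest", "Deny", "*", "*")]}]

if __name__ == "__main__":
    # Real use: az network nsg list -g <resource-group> -o json > nsgs.json
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for finding in exposed_rules(data, sys.argv[2:] or ["203.0.113.7/32"]):
        print("EXPOSED", *finding)
```

Pass the exported JSON file as the first argument and your own egress CIDRs after it; any line printed is an inbound allow rule reachable from outside those ranges.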
This project is licensed under the MIT License - see the LICENSE file for details.
See USAGE.md for the complete usage guide.