
apply_adversary_profile

Inject realistic security vulnerabilities into Ludus configurations for red team training and security testing. Transform existing setups with educational weaknesses to simulate real-world attack scenarios.

Instructions

Apply adversary profile to inject realistic vulnerabilities for red team training.

This tool transforms an existing Ludus configuration by injecting educational vulnerabilities that simulate real-world security weaknesses. Perfect for:

  • Red team training and practice

  • Security testing scenarios

  • Learning exploitation techniques

  • Purple team exercises

Args:
    config: The Ludus range configuration to transform (dict with 'ludus' key)
    threat_level: Level of vulnerabilities to inject
        - "low": Basic weaknesses (weak passwords, open shares)
        - "medium": AD attacks (Kerberoasting, AS-REP roasting, weak GPO)
        - "high": Advanced attacks (unconstrained delegation, certificate vulns)
    target_vms: Optional list of specific VM hostnames to target (None = all VMs)
    include_documentation: Generate educational docs explaining vulnerabilities

Returns:
    Dictionary containing:
        - status: "success"
        - profile_type: "adversary"
        - threat_level: The applied threat level
        - modified_config: Transformed Ludus configuration
        - vulnerability_injections: List of injected vulnerabilities
        - vulnerabilities_count: Total number of vulnerabilities
        - affected_vms: List of VMs that were modified
        - documentation: Educational documentation (if requested)
        - warnings: Important safety warnings
        - next_steps: What to do next

Examples:
    # Apply medium-level vulnerabilities to all VMs
    result = await apply_adversary_profile(
        config=my_range_config,
        threat_level="medium"
    )

    # Apply high-level vulnerabilities only to domain controllers
    result = await apply_adversary_profile(
        config=my_range_config,
        threat_level="high",
        target_vms=["DC01", "DC02"]
    )

    # Apply low-level vulnerabilities without documentation
    result = await apply_adversary_profile(
        config=my_range_config,
        threat_level="low",
        include_documentation=False
    )

Vulnerability Categories:
    Active Directory:
        - Weak domain passwords
        - Kerberoasting opportunities
        - AS-REP roasting
        - Unconstrained delegation
        - DCSync rights misconfigurations
        - Certificate Services vulnerabilities

    Windows Security:
        - Weak local administrator passwords
        - Unquoted service paths
        - Weak ACLs and permissions
        - AlwaysInstallElevated
        - Cached credentials

    Network Security:
        - Open SMB shares
        - Exposed RDP services
        - LLMNR poisoning opportunities
        - Weak network segmentation

Notes:
    ⚠️ These vulnerabilities are for EDUCATIONAL PURPOSES ONLY
    ⚠️ Deploy ONLY in isolated lab environments
    ⚠️ NEVER expose these systems to production or the internet

The modified configuration uses Ansible roles to implement vulnerabilities:
    - ludus_ad_weak_passwords
    - ludus_ad_kerberoast
    - ludus_ad_asreproast
    - ludus_ad_unconstrained_delegation
    - ludus_weak_local_admin
    - ludus_unquoted_service_paths
    - ludus_open_shares
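As an added example (not code from the Ludus-FastMCP project), a pre-deployment check that lists which VMs in a range configuration carry the vulnerability roles named above, so a modified config is not reused outside the lab by accident. The layout of VM entries (`hostname` or `vm_name`, `roles` as strings or dicts with a `name` key) and the function names are assumptions.

```python
# Added example: inventory the vulnerability-injecting roles in a range config.
# Assumption: each VM entry under 'ludus' has 'hostname' (or 'vm_name') and a
# 'roles' list whose items are role-name strings or dicts with a 'name' key.
INJECTED_ROLES = frozenset({
    "ludus_ad_weak_passwords", "ludus_ad_kerberoast", "ludus_ad_asreproast",
    "ludus_ad_unconstrained_delegation", "ludus_weak_local_admin",
    "ludus_unquoted_service_paths", "ludus_open_shares",
})


def _role_name(role):
    """Return the role name from a string or {'name': ...} entry, else None."""
    if isinstance(role, dict):
        role = role.get("name")
    return role if isinstance(role, str) else None


def find_injected_roles(config):
    """Map each VM hostname to the sorted injected roles it carries."""
    vms = config.get("ludus")
    if not isinstance(vms, list):
        raise ValueError("expected a dict with a 'ludus' list of VM entries")
    findings = {}
    for index, vm in enumerate(vms):
        host = vm.get("hostname") or vm.get("vm_name") or f"<vm #{index}>"
        # 'roles' may be missing or null on VMs that have no roles at all.
        names = {_role_name(r) for r in vm.get("roles") or []}
        hits = sorted(names & INJECTED_ROLES)
        if hits:
            findings[host] = hits
    return findings


def assert_clean(config):
    """Pre-deploy gate: raise if any intentionally vulnerable role is present."""
    findings = find_injected_roles(config)
    if findings:
        raise RuntimeError(f"intentionally vulnerable roles present: {findings}")


# Constructed sample config (hostnames and the benign role are made up).
SAMPLE = {"ludus": [
    {"hostname": "DC01", "roles": ["ludus_ad_kerberoast", {"name": "ludus_ad_asreproast"}]},
    {"hostname": "WS01", "roles": ["some_benign_role"]},
    {"hostname": "FS01", "roles": None},
]}
```

Run `assert_clean` in any pipeline that deploys ranges outside the isolated lab, and use `find_injected_roles` to record what was injected when tearing a training range down.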

Input Schema

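| Name                  | Required | Description | Default |
|-----------------------|----------|-------------|---------|
| config                | Yes      |             |         |
| threat_level          | No       |             | medium  |
| target_vms            | No       |             |         |
| include_documentation | No       |             |         |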

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/tjnull/Ludus-FastMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.