EntraGoat: New Open-Source Lab for Safely Exploring Microsoft Entra ID Vulnerabilities
A safe, hands-on way to explore and defend against Microsoft Entra ID attacks.
Key Takeaways:
- New open-source tool lets teams safely simulate Microsoft Entra ID attacks.
- Includes realistic challenges to uncover identity security flaws.
- Free to download with setup, cleanup, and learning resources.
Semperis has recently launched EntraGoat, a new open-source tool that configures an intentionally vulnerable simulation environment for Microsoft Entra ID (formerly Azure AD). It’s designed to help security teams safely explore and understand identity-based attacks in a controlled, hands-on lab setting.
Modern Entra ID setups often contain hidden risks that can be easily exploited by attackers. Weaknesses (such as over-permissioned apps, stale group assignments, and mismanaged service principals) can be chained together to gain high-level access without needing to breach traditional defenses.
A safe space to explore Microsoft Entra ID vulnerabilities
EntraGoat works as a hands-on learning platform that combines capture-the-flag-style challenges with educational scenarios focused on identity security in Microsoft Entra ID. Each challenge simulates a realistic attack path, which starts from a compromised identity and then guides users through misconfigurations and privilege escalation techniques using PowerShell scripts and Microsoft Graph.
Additionally, the EntraGate tool includes setup and cleanup automation to avoid leaving traces in the test environment, offers optional hints, walkthroughs, and theoretical background to support learning. A React-based dashboard also allows users to monitor progress, interact with challenges, and submit flags locally.
Learning through realistic EntraGoat attack scenarios
EntraGoat includes a variety of attack scenarios that highlight common vulnerabilities in Entra ID environments, such as abusing application ownership, exploiting misconfigured service principals, and manipulating Privileged Identity Management settings. It also explores advanced techniques like forging certificate authorities for persistent access and tampering with dynamic administrative units to escalate privileges.
EntraGoat is available for free download on GitHub through the official Semperis repository. To use EntraGoat, users will need a test Microsoft Entra ID tenant (preferably with an E5 trial), Global Admin access, and a few tools installed, including PowerShell 7+, Node.js, npm, and the Microsoft Graph PowerShell SDK.
Rabia has a master's degree in Software Engineering and she has years of experience writing professionally about Microsoft products and other technologies. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on t...
