ADReaper : A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go

ADReaper is a tool written in Golang which enumerates an Active Directory environment with LDAP queries within few seconds

Installation

You can download precompiled executable binaries for Windows/Linux from latest releases

Install from source

To build from source, clone the repo and build it with GO

$ git clone https://github.com/AidenPearce369/ADReaper
$ cd ADReaper/
$ go build

Usage

ADReaper performs enumeration with various commands that performs LDAP queries with respective to it

PS C:\Users\redteamer\Desktop\shared> .\ADReaper.exe
-command string
Command to run
dc – to list domain controllers
domain-trust – to list domain trust
users – to list all users
computers – to list all computers
groups – to list all groups with members
spn – to list service principal objects
never-loggedon – to list users never logged on
gpo – to list group policy objects
ou – to list organizational units
ms-sql – to list MS-SQL servers
asreproast – to list AS-REP roastable accounts
unconstrained – to list Unconstrained Delegated accounts
admin-priv – to list AD objects with admin privilege
-dc string
Enter the DC
-filter string
Filters to use for users/groups/computers
list – lists all objects only
fulldata – list all objects with properties
membership – lists all members from an object
(default “list”)
-name string
Pass object name of user/group/computer
-password string
Enter the Password
-user string
Enter the Username

To query the properties of Domain Controller of the domain,

.\ADReaper.exe -dc -user -password -command dc

To query the Trust Attributes of the domain,

.\ADReaper.exe -dc -user -password -command domain-trust

To list all Users from the domain,

.\ADReaper.exe -dc -user -password -command users

To list all Users with attributes from the domain,

.\ADReaper.exe -dc -user -password -command users -filter full-data

To list the membership of the Specific User,

.\ADReaper.exe -dc -user -password -command users -name -filter membership

Related

linWinPwn – Active Directory Vulnerability Scanner

February 15, 2024

In "Cyber security"

Adidnsdump : Active Directory Integrated DNS Dump Tool

May 6, 2019

In "Kali Linux"

HackTheBox AD Machines : Tools And Strategies For Mastering AD Penetration Testing

February 7, 2025

In "Cyber security"

R K

Next Smap : A Drop-In Replacement For Nmap Powered By Shodan.Io »

Previous « KrbRelay : Framework For Kerberos Relaying

Leave a Comment

Share

Published by

R K

Tags: ADReaperEnumeration ToolWindows Active Directory

4 years ago

Recent Posts

Database Assessment

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

5 hours ago

Vulnerability Analysis

Microsoft Authenticator Flaw Could Leak Login Codes

A newly disclosed vulnerability in Microsoft Authenticator could expose one time sign in codes or…

14 hours ago

software

Modrinth – A Comprehensive Overview of Tools and Functions

Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…

1 day ago

News

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…

1 day ago

TECH

Perplexity Launches Personal Computer Features

Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…

2 days ago

Cyber security

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…

2 days ago

L