ADReaper is a tool written in Golang which enumerates an Active Directory environment with LDAP queries within few seconds
You can download precompiled executable binaries for Windows/Linux from latest releases
To build from source, clone the repo and build it with GO
$ git clone https://github.com/AidenPearce369/ADReaper
$ cd ADReaper/
$ go build
ADReaper performs enumeration with various commands that performs LDAP queries with respective to it
PS C:\Users\redteamer\Desktop\shared> .\ADReaper.exe
-command string
Command to run
dc – to list domain controllers
domain-trust – to list domain trust
users – to list all users
computers – to list all computers
groups – to list all groups with members
spn – to list service principal objects
never-loggedon – to list users never logged on
gpo – to list group policy objects
ou – to list organizational units
ms-sql – to list MS-SQL servers
asreproast – to list AS-REP roastable accounts
unconstrained – to list Unconstrained Delegated accounts
admin-priv – to list AD objects with admin privilege
-dc string
Enter the DC
-filter string
Filters to use for users/groups/computers
list – lists all objects only
fulldata – list all objects with properties
membership – lists all members from an object
(default “list”)
-name string
Pass object name of user/group/computer
-password string
Enter the Password
-user string
Enter the Username
To query the properties of Domain Controller of the domain,
.\ADReaper.exe -dc -user -password -command dc
To query the Trust Attributes of the domain,
.\ADReaper.exe -dc -user -password -command domain-trust
To list all Users from the domain,
.\ADReaper.exe -dc -user -password -command users
To list all Users with attributes from the domain,
.\ADReaper.exe -dc -user -password -command users -filter full-data
To list the membership of the Specific User,
.\ADReaper.exe -dc -user -password -command users -name -filter membership
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…