ADSearch : A Tool To Help Query AD Via The LDAP Protocol

ADSearch is a tool written for cobalt-strike’s execute-assembly command that allows for more efficent querying of AD.

Key Features

  • List all Domain Admins
  • Custom LDAP Search
  • Connect to LDAPS Servers
  • Output JSON data from AD instances
  • Retrieve custom attributes from a generic query (i.e. All computers)

Usage

ADSearch 1.0.0.0
Copyright c 2020
USAGE:
Query Active Directory remotely or locally:
ADSearch –domain ldap.example.com –password AdminPass1 –username admin –users


-f, –full If set will show all attributes for the returned item.
-o, –output File path to output the results to.
–json (Default: false) Output results in json format.
–supress-banner When set banner will be disabled.
-G, –groups Enumerate and return all groups from AD.
-U, –users Enumerate and return all users from AD.
-C, –computers Enumerate and return all computers joined to the AD.
-S, –spns Enumerate and return all SPNS from AD.
–attributes (Default: cn) Attributes to be returned from the results in csv format.
-s, –search Perform a custom search on the AD server.
–domain-admins Attempt to retreive all Domain Admin accounts.
-u, –username Attempts to authenticate to AD with the given username.
-p, –password Attempts to authenticate to AD with the given password.
-h, –hostname If set will attempt a remote bind to the hostname. This option requires the domain option to be set to a valid DC on the hostname. Will allow an IP address to be used as well.
-p, –port (Default: 636) If set will attempt a remote bind to the port based on the IP.
-d, –domain The domain controller we are connecting to in the FQDN format. If left blank then all other connection options are ignored and the lookups are done locally.
–insecure (Default: false) If set will communicate over port 389 and not use SSL
–help Display this help screen.
–version Display version information.

Screenshots

  • Display all SPNs
  • Display all users
  • Get custom attributes back from custom search
R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

7 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

7 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago