EDD (Enumerate Domain Data) is designed to be similar to Power View but in .NET. Power View is essentially the ultimate domain enumeration tool, and we wanted a .NET implementation that we worked on ourselves. This tool was largely put together by viewing implementations of different functionality across a wide range of existing projects and combining them into EDD.
Usage
To use EDD, you just need to call the application, provide the function that you want to run (listed below) and provide any optional/required parameters used by the function.
Functions
The following functions can be used with the -f flag to specify the data you want to enumerate/action you want to take.
getdomainsid – Returns the domain sid (by default current domain if no domain is provided)
getforest – returns the name of the current forest
getforestdomains – returns the name of all domains in the current forest
convertsidtoname – Converts a SID to the corresponding group or domain name (use the -u option for providing the SID value)
getadcsservers – Get a list of servers running AD CS within the current domain
Computer Information
getdomaincomputers – Get a list of all computers in the domain
getdomaincontrollers – Gets a list of all domain controllers
getdomainshares – Get a list of all accessible domain shares
User Information
getnetlocalgroupmember – Returns a list of all users in a local group on a remote system
getnetdomaingroupmember – Returns a list of all users in a domain group
getdomainuser – Retrieves info about specific user (name, description, SID, Domain Groups)
getnetsession – Returns a list of accounts with sessions on the targeted system
getnetloggedon – Returns a list of accounts logged into the targeted system
getuserswithspns – Returns a list of all domain accounts that have a SPN associated with them
Chained Information
finddomainprocess – Search for a specific process across all systems in the domain (requires admin access on remote systems)
finddomainuser – Searches the domain environment for a specified user or group and tries to find active sessions (default searches for Domain Admins)
findinterestingdomainsharefile – Searches the domain environment for all accessible shares. Once found, it parses all filenames for “interesting” strings
findwritableshares – Enumerates all shares in the domain and then checks to see if the current account can create a text file in the root level share, and one level deep.
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…
Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…