Kali Linux

EDD : Enumerate Domain Data

EDD (Enumerate Domain Data) is designed to be similar to Power View but in .NET. Power View is essentially the ultimate domain enumeration tool, and we wanted a .NET implementation that we worked on ourselves. This tool was largely put together by viewing implementations of different functionality across a wide range of existing projects and combining them into EDD.

Usage

To use EDD, you just need to call the application, provide the function that you want to run (listed below) and provide any optional/required parameters used by the function.

Functions

The following functions can be used with the -f flag to specify the data you want to enumerate/action you want to take.

Forest/Domain Information

getdomainsid – Returns the domain sid (by default current domain if no domain is provided)
getforest – returns the name of the current forest
getforestdomains – returns the name of all domains in the current forest
convertsidtoname – Converts a SID to the corresponding group or domain name (use the -u option for providing the SID value)
getadcsservers – Get a list of servers running AD CS within the current domain

Computer Information

getdomaincomputers – Get a list of all computers in the domain
getdomaincontrollers – Gets a list of all domain controllers
getdomainshares – Get a list of all accessible domain shares

User Information

getnetlocalgroupmember – Returns a list of all users in a local group on a remote system
getnetdomaingroupmember – Returns a list of all users in a domain group
getdomainuser – Retrieves info about specific user (name, description, SID, Domain Groups)
getnetsession – Returns a list of accounts with sessions on the targeted system
getnetloggedon – Returns a list of accounts logged into the targeted system
getuserswithspns – Returns a list of all domain accounts that have a SPN associated with them

Chained Information

finddomainprocess – Search for a specific process across all systems in the domain (requires admin access on remote systems)
finddomainuser – Searches the domain environment for a specified user or group and tries to find active sessions (default searches for Domain Admins)
findinterestingdomainsharefile – Searches the domain environment for all accessible shares. Once found, it parses all filenames for “interesting” strings
findwritableshares – Enumerates all shares in the domain and then checks to see if the current account can create a text file in the root level share, and one level deep.

R K

Recent Posts

Starship : Revolutionizing Terminal Experiences Across Shells

Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…

7 hours ago

Lemmy : A Decentralized Link Aggregator And Forum For The Fediverse

Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…

7 hours ago

Massive UX Improvements, Custom Disassemblers, And MSVC Support In ImHex v1.37.0

The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…

9 hours ago

Ghauri : A Powerful SQL Injection Detection And Exploitation Tool

Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…

11 hours ago

Writing Tools : Revolutionizing The Art Of Writing

Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…

11 hours ago

PatchWerk : A Tool For Cleaning NTDLL Syscall Stubs

PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…

1 day ago