Ldsview : Offline search tool for LDAP directory dumps in LDIF format

Ldsview is a offline search tool for LDAP directory dumps in LDIF format.

Features

  • Fast and memory efficient parsing of LDIF files
  • Build ldapsearch commands to extract an LDIF from a directory
  • Show directory structure
  • UAC and directory time format translation

Config

Config options can be passed as CLI flags, environment variables, or via a config file courtsey of viper. Reference the project’s documentation for all of the different ways you can supply configuration.

  • By default, ldsview will look for a file called .ldsview.{json,toml,yaml} in the user’s home directory
  • Environment variables with a prefix of LDSVIEW will be read in by the application.

Usage

Detailed usage information is available via the --help flag or the help command for ldsview and all subcommands.

Search Syntax

ldsview‘s search mechanism is based on the entityfilter project. Detailed information about search filter syntax can be found in that project’s README.

Examples

  • Build ldapsearch command to extract LDIF files from a directory: ldsview cmdbuilder
    • The command will prompt you for any information needed
    • Have the following ready:
      • Directory host FQDN or IP
      • Domain DN
      • User to run as
      • User’s password
  • Quickly find a specific entity in an LDIF file: ldsview -f myfile.ldif entity myuser
  • Parse UAC flag from AD: ldsview uac 532480
  • Search LDIF file: ldsview -f myfile.ldif search "adminCount:=1,sAMAccountName:!=krbtgt"
    • This command will return all entities with an adminCount of 1 that are not krbtgt
    • -i can be used to limit which attributes are returned from matching entities
    • --tdc will translate directory timestamps into a human readable format

Tools Directory

Additional tools and utilities for managing LDIFs:

Makefile: Place the Makefile in the same directory as your exported LDIF and run make.

>>make -j9 LDIF=./my.domain.ldif

This will split and create the following default LDIFs:

  • users.ldif
  • computers.ldif
  • groups.ldif
  • domain_admin.ldif
  • poss_svc_accnts.ldif
  • pass_not_reqd.ldif
  • pass_cant_change.ldif
  • users_dont_expire.ldif
  • trusted_4_delegation.ldif
  • preauth_not_reqd.ldif
  • password_expired.ldif
  • trust2auth4delegation.ldif
R K

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

21 hours ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

21 hours ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

21 hours ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

22 hours ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

22 hours ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

22 hours ago