SilentHound Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. Created by Nick Swink from Layer 8 Security.
sudo python3 -m pip install –user pipenv
git clone https://github.com/layer8secure/SilentHound.git
cd silenthound
pipenv install
This method is not recommended because python-ldap can cause many dependency errors.
Install dependencies with pip:
python3 -m pip install -r requirements.txt
python3 silenthound.py -h
Usage
$ pipenv run python silenthound.py -h
usage: silenthound.py [-h] [-u USERNAME] [-p PASSWORD] [-o OUTPUT] [-g] [-n] [-k] TARGET domain
Quietly enumerate an Active Directory environment.
positional arguments:
TARGET Domain Controller IP
domain Dot (.) separated Domain name including both contexts e.g. ACME.com / HOME.local / htb.net
optional arguments:
-h, –help show this help message and exit
-u USERNAME, –username USERNAME
LDAP username – not the same as user principal name. E.g. Username: bob.dole might be ‘bob
dole’
-p PASSWORD, –password PASSWORD
LDAP password – use single quotes ‘password’
-o OUTPUT, –output OUTPUT
Name for output files. Creates output files for hosts, users, domain admins, and descriptions
in the current working directory.
-g, –groups Display Group names with user members.
-n, –org-unit Display Organizational Units.
-k, –keywords Search for key words in LDAP objects.
A lightweight tool to quickly and quietly enumerate an Active Directory environment. The goal of this tool is to get a Lay of the Land whilst making as little noise on the network as possible. The tool will make one LDAP query that is used for parsing, and create a cache file to prevent further queries/noise on the network. If no credentials are passed it will attempt anonymous BIND.
Using the -o flag will result in output files for each section normally in stdout. The files created using all flags will be:
-rw-r–r– 1 kali kali 122 Jun 30 11:37 BASENAME-descriptions.txt
-rw-r–r– 1 kali kali 60 Jun 30 11:37 BASENAME-domain_admins.txt
-rw-r–r– 1 kali kali 2620 Jun 30 11:37 BASENAME-groups.txt
-rw-r–r– 1 kali kali 89 Jun 30 11:37 BASENAME-hosts.txt
-rw-r–r– 1 kali kali 1940 Jun 30 11:37 BASENAME-keywords.txt
-rw-r–r– 1 kali kali 66 Jun 30 11:37 BASENAME-org.txt
-rw-r–r– 1 kali kali 529 Jun 30 11:37 BASENAME-users.txt
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…