.png)
SilentHound Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. Created by Nick Swink from Layer 8 Security. Installation Using pipenv (recommended method) sudo python3 -m pip install –user pipenvgit clone https://github.com/layer8secure/SilentHound.gitcd silenthoundpipenv install From requirements.txt (legacy) This method is not recommended because python-ldap can cause many dependency errors. Install dependencies with pip: python3 -m …
Tag Archives: LDAP
LDAP-Password-Hunter : Password Hunter In The LDAP Infamous Database
LDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up for password stored in LDAP database. Impacket getTGT.py script is used in order to authenticate the domain account used for enumeration and save its TGT kerberos ticket. TGT ticket is then exported in KRB5CCNAME variable which …
Continue reading “LDAP-Password-Hunter : Password Hunter In The LDAP Infamous Database”
SharpLAPS : Retrieve LAPS Password From LDAP
SharpLAPS is a tool to Retrieve LAPS Password From LDAP. The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Require (either): Account with ExtendedRight or Generic All Rights Domain Admin privilege Usage _ _ _ / // /_ _ / / …
Continue reading “SharpLAPS : Retrieve LAPS Password From LDAP”
Msldap : LDAP Library For Auditing MS AD
Msldap is a tool for (LDAP) LightWeight Directory Acess Protocol library for MS AD. Features Comes with a built-in console LDAP client All parameters can be conrolled via a conveinent URL (see below) Supports integrated windows authentication (SSPI) both with NTLM and with KERBEROS Supports channel binding (for ntlm and kerberos not SSPI) Supports encryption …
ADSearch : A Tool To Help Query AD Via The LDAP Protocol
ADSearch is a tool written for cobalt-strike’s execute-assembly command that allows for more efficent querying of AD. Key Features List all Domain Admins Custom LDAP Search Connect to LDAPS Servers Output JSON data from AD instances Retrieve custom attributes from a generic query (i.e. All computers) Usage ADSearch 1.0.0.0Copyright c 2020USAGE:Query Active Directory remotely or …
Continue reading “ADSearch : A Tool To Help Query AD Via The LDAP Protocol”
LdapDomainDump : Active Directory Information Dumper via LDAP
LDAPDomainDump is an Active Directory information dumper via LDAP. In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an internal network. A problem is that data …
Continue reading “LdapDomainDump : Active Directory Information Dumper via LDAP”