Youzer : Fake User Generator For Active Directory Environments

Fake User Generator for Active Directory Environments. The goal of Youzer is to create information rich Active Directory environments. This uses the python3 library ‘faker’ to generate random accounts.

pip3 install faker

You can either supply a wordlist or have the passwords generated. The generated option is great for testing things like hashcat rule masks.

Wordlist option is useful when wanting to supply a specific password list seeded into an environment, or to practice dictionary attacks.

The output is a CSV and a PowerShell script where both can be copied to the target. When executed, the PowerShell script binds over LDAP so doesn’t rely on the newer Active Directory modules and creates each user object.

Currently the OU’s need to exist, but this tool is a sub-project of ‘Labseed’ where the Active Directory structure will be created.

Also Read – Hash Identifier : Software To Identify The Different Types Of Hashes Used To Encrypt Data & Especially Passwords

RoadMap

  • Generate multiple departments (OU’s)
  • Generate grouping structure and randomly assign
  • Implement additional Faker object options to populate other LDAP fields such as Address, Region
  • Create an organisational chart of the nested grouping structure

Examples

Youzer can create 100,000 users in under 30 seconds and 1,000,000 users in around 3 minutes.

[-] Domain Name set to : example
[*] Writing to output file : sales_example.csv
[!] Generating 100000 users in password generate mode
[!] Creating Powershell script for import : sales_example.ps1
python3 youzer.py –generate –generate_length 20 –ou –domain example 20.35s user 0.11s system 95% cpu 21.354 total

Creating 1000 user accounts with a randomly generated alphanumeric password choice of 20 characters

python3 youzer.py –generate –generate_length 20 –ou “ou=sales,dc=example,dc=domain” –domain example –users 1000 –output sales_example.csv

author : @lorentzenman
team : SpiderLabs

[-] Domain Name set to : example
[*] Writing to output file : sales_example.csv
[!] Generating 1000 users in password generate mode
[!] Creating Powershell script for import : sales_example.ps1

Demo

Download
R K

Share
Published by
R K
Tags: ActiveDirectoryYouzer
5 years ago

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

3 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

3 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago