ad-ldap-enum is a Python script created to gather information about users, computers, and their group memberships from Active Directory by using LDAP queries. In larger Active Directory environments, conventional tools may not be efficient enough for the task. This tool works by executing LDAP queries against a domain controller, which lets it selectively extract specific Active Directory attributes and quickly assemble group membership data.
The script outputs three tab-delimited files:
- Domain_Group_Membership.csv: comprises computers, users, groups, and the memberships within them.
- Extended_Domain_User_Information.csv: includes users and other data (such as email addresses or home folders) from Active Directory.
- Extended_Domain_Computer_Information.csv: includes details about machines in the 'Domain machines' group as well as other data from Active Directory (such as the operating system type and service pack version).
Installation
The package relies on the ldap3 Python package to execute LDAP connections and queries. To install the required packages, run the following command:
The tool is built and tested against Python v3.10 and is intended to be OS-agnostic, working on both UNIX/Linux systems and Windows. Python 2.X is not supported.
How to Use
The tool provides various options for authentication, including null binding, username/password authentication, and Pass-the-Hash (PtH) LM:NTLM style authentication. It supports both authenticated and unauthenticated LDAP connections and can process nested groups.
Here's an example of basic usage:
For detailed usage, refer to the provided help menu:
Additional Information
· The tool supports LDAP over SSL/TLS connections, IPv4, and IPv6 networks.
· It can output results in Excel format.
· The script can be used for both password and Pass-the-Hash (PtH) LM:NTLM style authentication.
· Planned features include Kerberos authentication, LDAP signing, LDAP channel binding, and ObjectSID retrieval.
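
The nested-group processing mentioned under How to Use amounts to expanding direct memberships transitively. The sketch below is an added example for reviewing who effectively holds membership in a privileged group; it is not ad-ldap-enum's own code, and the group names, user names and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed direct memberships as (group, member) pairs, the shape an LDAP
# "member" attribute yields once DNs are reduced to names. All names are made up.
DIRECT_MEMBERS = [
    ("Domain Admins", "alice"),
    ("Domain Admins", "Tier0 Ops"),
    ("Tier0 Ops", "bob"),
    ("Tier0 Ops", "Helpdesk Leads"),
    ("Helpdesk Leads", "carol"),
    ("Helpdesk Leads", "Tier0 Ops"),  # circular nesting, which AD permits
    ("Print Operators", "dave"),
]


def build_index(pairs):
    """Map each group to the set of its direct members."""
    index = defaultdict(set)
    for group, member in pairs:
        index[group].add(member)
    return index


def effective_members(group, index):
    """Return {principal: path} for every non-group member reachable from group.

    path is the chain of groups granting the membership, so a reviewer can see
    which nesting puts a principal into the group. Simplification (assumption):
    a name counts as a group only if it has at least one member in the index.
    """
    found = {}
    seen = {group}
    stack = [(group, [group])]
    while stack:
        current, path = stack.pop()
        for member in sorted(index.get(current, ())):
            if member in index:          # member is itself a group
                if member not in seen:   # expand each group once; breaks cycles
                    seen.add(member)
                    stack.append((member, path + [member]))
            elif member not in found:
                found[member] = path
    return found


if __name__ == "__main__":
    idx = build_index(DIRECT_MEMBERS)
    for user, path in sorted(effective_members("Domain Admins", idx).items()):
        print(f"{user}\t{' > '.join(path)}")
```

Run against real data, the path column shows which intermediate group to remove a principal from when a privileged membership turns out to be unintended.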