Adalanche is a tool created for the analysis of Active Directory (AD) security. It streamlines the process of querying and visualizing AD relationships, enabling users to gain insights into potential security vulnerabilities within their AD environment. Adalanche can analyze data from Windows systems, Active Directory, and Group Policy Objects, making it a valuable resource for understanding and improving the security of AD systems.
Installation
How to Use
Run Basic Analysis:
- Execute Adalanche on a Windows machine joined to a domain:
- For non-domain machines or other OS, provide domain, username, and password:
Explore Active Directory Relationships:
- Collect data from Active Directory:
- Visualize relationships:
Querying LDAP:
- Use LDAP queries for detailed searches:
Create custom LDAP queries based on your requirements.
Gather Local Machine Data (Windows):
· Collect information from Windows machines in the domain:
· Run the local machine collector from the Adalanche binary:
Advanced Analysis:
· Analyze relation ships:
· Use predefined queries to find specific information, e.g., who can potentially take over "Domain Admins."
Visualization in the Browser:
· Launch Adalanche and view statistics on loaded data.
· Select target nodes and analyze relationships.
· Adjust analysis options, such as analysis depth and max outgoing edges.
LDAP Querying in the GUI:
· Access LDAP query interface:
· Enter LDAP queries for precise searches.
· Use advanced features like extensible match and synthetic attributes.
Exploring Paths in the GUI:
· Right-click on objects to perform searches.
· Trace paths between source and target objects.
· Understand the attack path presented in the graph.
Additional Information
· Adalanche supports LDAP queries for advanced searches.
· The tool allows developers to easily modify andtest code.
· Adalanche is licensed under the MIT License.
