Adalanche

Adalanche is a tool for Active Directory (AD) security analysis. It makes querying and visualising AD relationships easier and reveals security flaws along the way. It can analyse data from Windows computers, Active Directory, and Group Policy Objects.

Adalanche is a tool created for the analysis of Active Directory (AD) security. It streamlines the process of querying and visualizing AD relationships, enabling users to gain insights into potential security vulnerabilities within their AD environment. Adalanche can analyze data from Windows systems, Active Directory, and Group Policy Objects, making it a valuable resource for understanding and improving the security of AD systems.

Installation

 

How to Use

Run Basic Analysis:

  • Execute Adalanche on a Windows machine joined to a domain:

  • For non-domain machines or other OS, provide domain, username, and password:


Explore Active Directory Relationships:

  • Collect data from Active Directory:

  • Visualize relationships:


Querying LDAP:

  • Use LDAP queries for detailed searches:

Create custom LDAP queries based on your requirements.

Gather Local Machine Data (Windows):

·        Collect information from Windows machines in the domain:

 

·        Run the local machine collector from the Adalanche binary:

 

Advanced Analysis:

·        Analyze relationships:

·        Use predefined queries to find specific information, e.g., who can potentially take over "Domain Admins."

Visualization in the Browser:

·        Launch Adalanche and view statistics on loaded data.

·        Select target nodes and analyze relationships.

·        Adjust analysis options, such as analysis depth and max outgoing edges.

LDAP Querying in the GUI:

·        Access LDAP query interface:

 

·        Enter LDAP queries for precise searches.

·        Use advanced features like extensible match and synthetic attributes.

Exploring Paths in the GUI:

·        Right-click on objects to perform searches.

·        Trace paths between source and target objects.

·        Understand the attack path presented in the graph.
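
The path analysis described above (who can reach "Domain Admins", limited by analysis depth and max outgoing edges) can be modelled as a backwards graph search. This is an added example, not Adalanche's own code or algorithm: the object names, edge types, sample graph and the pruning rule for max outgoing edges are all constructed assumptions.

```python
from collections import deque

# Constructed sample edges: (source, edge type, target) = "source can act on target".
EDGES = [
    ("alice", "MemberOf", "helpdesk"),
    ("helpdesk", "ResetPassword", "svc-backup"),
    ("helpdesk", "ResetPassword", "carol"),
    ("svc-backup", "MemberOf", "Backup Operators"),
    ("Backup Operators", "WriteDACL", "Domain Admins"),
    ("bob", "GenericAll", "Domain Admins"),
    ("carol", "MemberOf", "Domain Users"),
]

def paths_to_target(edges, target, max_depth=3, max_outgoing=50):
    """Search backwards from target; return {object: [edges leading to target]}."""
    incoming, out_count = {}, {}
    for src, kind, dst in edges:
        incoming.setdefault(dst, []).append((src, kind))
        out_count[src] = out_count.get(src, 0) + 1
    found, seen = {}, {target}
    queue = deque([(target, [], 0)])
    while queue:
        node, path, depth = queue.popleft()
        if depth == max_depth:  # depth limit reached: do not expand further
            continue
        for src, kind in incoming.get(node, []):
            # Assumed pruning rule: skip objects with too many outgoing edges.
            if src in seen or out_count[src] > max_outgoing:
                continue
            seen.add(src)
            found[src] = [(src, kind, node)] + path
            queue.append((src, found[src], depth + 1))
    return found

def render(path):
    """Format one path as 'a -[Edge]-> b -[Edge]-> c'."""
    text = path[0][0]
    for _, kind, dst in path:
        text += f" -[{kind}]-> {dst}"
    return text

if __name__ == "__main__":
    for obj, path in paths_to_target(EDGES, "Domain Admins", max_depth=4).items():
        print(render(path))
```

Each edge in a returned path is a permission or membership to review; removing any one edge on a path breaks that route to the target.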

Additional Information

·        Adalanche supports LDAP queries for advanced searches.

·        The tool allows developers to easily modify and test code.

·        Adalanche is licensed under the MIT License.
