The Active Directory Attack Tool (ADAT) is a versatile tool crafted to aid Capture The Flag (CTF) participants and penetration testers in conducting actions on Active Directory Domain Controllers. This tool is particularly effective when used alongside a set of known, valid credentials against the target host. It provides a range of commands and functions that can help assess and test the security of Active Directory systems during testing and security assessments.
Core Features
LDAP Enumeration:
- Supports both authenticated and unauthenticated LDAP connections.
- Collects users, computers, and their group memberships from Active Directory.
- Executes LDAP queries against a domain controller.
Output Files:
- Generates three tab-delimited output files:
- Domain_Group_Membership.csv: Contains users, computers, groups, and their memberships.
- Extended_Domain_User_Information.csv: Includes extra information about users from Active Directory.
- Extended_Domain_Computer_Information.csv: Provides additional information about computers from Active Directory
Authentication and Security:
- Supports password and Pass-the-Hash (PtH) LM:NTLM style authentication.
- Handles both authenticated and unauthenticated LDAP connections.
- Supports LDAP over SSL/TLS connections.
- Works on both IPv4 and IPv6 networks.
Requirements
- Python Package:
- Primarily uses the ldap3 Python package for executing LDAP connections and queries.
- Install requirements using: python -m pip install -r requirements.txt.
- Python Version:
- Built and tested against Python v3.10 on Kali Linux and Windows 10.
- Aims to be OS-agnostic, working on both UNIX/Linux systems and Windows.
- Python 2.X is not supported.
Usage
Example Commands:
Password Authentication:
Pass-the-Hash LDAPS Authentication:
Additional Information
Planned Features:
· Kerberos authentication.
· LDAP signing.
· LDAP channel binding.
· ObjectSID retrieval.
· Pull requests are welcome.
