#Active Directory
Knowledge base entries tagged Active Directory.
Active Directory Pentesting CheatSheet.
ESC1ESC1 - Abuse Active Directory Certificate Services.
ADExplorerSnapshot.pyADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound.
ADReconADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment..
adPEASadPEAS is a Powershell tool to automate Active Directory enumeration.
BadBloodBadBlood fills a Microsoft Active Directory Domain with a structure and thousands of objects.
Exchange versionsList of Exchange versions, build numbers and release dates for major releases (RTM, Service Packs) as well as Cumulative Updates and Rollups.
ADReaperA fast enumeration tool for Windows Active Directory Pentesting written in Go.
BloodHoundUses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment.
BloodHound.pyPython based ingestor for BloodHound.
PrinterBug (MS-RPRN abuse)Triggers RPC call using SpoolService bug.
Grouper2Tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.
Windows Security Log ReferencesMost handy Windows Security Log Event ID's
GoodHoundGoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths.
LDEEPIn-depth ldap enumeration utility.
linWinPwnSwiss-Army knife for Active Directory Pentesting using Linux.
CertiUtility to play with ADCS, allows to request tickets and collect information about related objects.
CertifyActive Directory certificate abuse.
CertipyActive Directory Certificate Services enumeration and abuse.
SeatbeltA C# project that performs a number of security oriented host-survey 'safety checks' relevant from both offensive and defensive security perspectives.
PingCastlePingCastle - Get Active Directory Security at 80% in 20% of the time.
CypherhoundPython3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets.
KerbruteThis tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication.
LAPSdumperDump LAPS Passwords.
LDAPmonitorMonitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object.
LDAP Password HunterLDAP Password Hunter is a tool which wraps features of getTGT.py (Impacket) and ldapsearch in order to look up for password stored in LDAP database.
LDAPDomainDumpActive Directory information dumper via LDAP.
LDAP Nom NomAnonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP).
ldapperA GoLang tool to enumerate and abuse LDAP. Made simple.
LDAP Relay ScanA tool to check Domain Controllers for LDAP server protections regarding the relay of NTLM authentication.
ldapsearch-ad.pyActive Directory LDAP Enumerator - Python3 script to quickly get various information from a domain controller through his LDAP service.
PowerView.pyJust another Powerview alternative.