Simple python script for AD enumeration

Related tags

MiscellaneousAutoAD
Overview

AutoAD - Simple python script for AD enumeration

This tool was created on my spare time to help fellow penetration testers in automating the basic enumeration steps that they would do on their daily-basis job and can be useful in AD labs (CRTP/CRTE/CRTO/Offshore..etc)

(Spoiler: this tool is far from being perfect.)

Installation

git clone https://github.com/M-Arman/AutoAD.git
cd AutoAD
chmod +x install.sh
sudo ./install.sh

Usage

	    
	 █████╗ ██╗   ██╗████████╗ ██████╗      █████╗ ██████╗ 
	██╔══██╗██║   ██║╚══██╔══╝██╔═══██╗    ██╔══██╗██╔══██╗
	███████║██║   ██║   ██║   ██║   ██║    ███████║██║  ██║
	██╔══██║██║   ██║   ██║   ██║   ██║    ██╔══██║██║  ██║
	██║  ██║╚██████╔╝   ██║   ╚██████╔╝    ██║  ██║██████╔╝
	╚═╝  ╚═╝ ╚═════╝    ╚═╝    ╚═════╝     ╚═╝  ╚═╝╚═════╝ 
			                                      by M-Arman
                                                       
usage: AutoAD.py [-h] -user USERNAME -pass PASSWORD -dc-ip DC_IP -dns-mode DNS_MODE

AutoAD - Simple python script for AD enumeration

optional arguments:
  -h, --help          show this help message and exit
  -user USERNAME      Username for the account that will be used for
                      authentication. (format: [email protected])
  -pass PASSWORD      Password for the account that will be used for
                      authentication.
  -dc-ip DC_IP        The IP address for the domain controller that will be
                      queried for results.
  -dns-mode DNS_MODE  1= Use DC-IP as DNS server.(default)
                      2= Use system default DNS configurations.(proxychains/joined machine)

Features

  • List Domain Controllers, Domain SID, Domain Admins.
  • Check for printer spool on domain controllers to be abused with printer-bug.
  • List Group Policy Objects (GPO).
  • List Domain trusts.
  • List Kerberoastable users.
  • List Unconstrained delegation enabled computers.
  • List Constrained delegation enabled computers/users.
  • Find readable LAPS credentials.
  • Checks for local administrator access on all domain computers as the querying user.
  • Output domain users, users with description, computers, groups.
  • Output hashes from TGS and ASREP roasting for offline cracking. (Impacket)

Example

./AutoAD.py -user [email protected] -pass N0tActuallyaPassw0rd -dc-ip 192.168.110.145

Screenshot

example here

Future work

  • Use OOP.
  • Use hash authentication.
  • Replace impacket hashes dumping method.
  • Exchange Servers enumeration
  • MSSQL enumeration.

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.
Owner
Mohammad Arman
Security Engineer
Mohammad Arman
GitHub Repository
Tutorials on advanced python topics, and literate programming framework to write them.

Advanced course on Python3 This course covers several topics Python decorators The python object system / meta classes Also see my text on Python impo

Michael Moser 59 Dec 19, 2022
An a simple sistem code in python

AMS OS An a simple code in python ⁕¿What is AMS OS? AMS OS is an a simple sistem code writed in python. This code helps you with the cotidian task, yo

1 Nov 10, 2021
Python-Roadmap - Дорожная карта по изучению Python

Python Roadmap Я решил сделать что-то вроде дорожной карты (Roadmap) для изучения языка Python. Возможно, если найдутся желающие дополнять ее, модифиц

Ruslan Prokhorov 1.2k Dec 28, 2022
A simple python script to convert Rubber Ducky payloads into AutoHotKey scripts

AHKDuckyReplacer A simple python script to convert Rubber Ducky payloads into AutoHotKey scripts. I have also added a sample payload for testing. I wi

Krizsan0596 5 Sep 28, 2022
validation for pre-commit.ci configuration

pre-commit-ci-config validation for pre-commit.ci configuration installation pip install pre-commit-ci-config api pre_commit_ci_config.SCHEMA a cfgv s

pre-commit.ci 17 Jul 11, 2022
A simple python script that print the Mandelbrot set for every power of the formal formula.

Python Mandelbrot A simple python script that print the Mandelbrot set for every power of the formal formula.

Paride Giunta 2 Apr 15, 2022
One-stop-shop for docs and test coverage of dbt projects.

dbt-coverage One-stop-shop for docs and test coverage of dbt projects. Why do I need something like this? dbt-coverage is to dbt what coverage.py and

Slido 106 Dec 27, 2022
Tutorial on Tempo, Beat and Downbeat estimation

Tempo, Beat and Downbeat Estimation By Matthew E. P. Davies, Sebastian Böck and Magdalena Fuentes Resources and Jupyter Book for the ISMIR 2021 tutori

49 Nov 06, 2022
Code repository for the Pytheas submersible observation platform

Pytheas Main repository for the Pytheas submersible probe system. List of Acronyms/Terms USP - Underwater Sensor Platform - The primary platform in th

UltraChip 2 Nov 19, 2022
Antchain-MPC is a library of MPC (Multi-Parties Computation)

Antchain-MPC Antchain-MPC is a library of MPC (Multi-Parties Computation). It include Morse-STF: A tool for machine learning using MPC. Others: Commin

Alipay 37 Nov 22, 2022
A check numbers python module

Made with Python3 (C) @FayasNoushad Copyright permission under MIT License License - https://github.com/FayasNoushad/Numbers/blob/main/LICENSE Deplo

Fayas Noushad 3 Nov 28, 2021
Back-end API for the reternal framework

RE:TERNAL RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known

Joey Dreijer 7 Apr 15, 2022
Jarvis Python BOT acts like Google-assistance

Jarvis-Python-BOT Jarvis Python BOT acts like Google-assistance Setup Add Mail ID (Gmail) in the file at line no 82.

Ishan Jogalekar 1 Jan 08, 2022
An-7 tool for python

***An-7 tool - Anonime-X Team*** An-x Menu : SPAM Android web malware interpreter Spam Tools : scampages letters mailers smtpcrack wpbrute shell Andro

Hamza Anonime 8 Nov 18, 2021
A clock widget for linux ez to use no need for cmd line ;)

A clock widget in LINUX A clock widget for linux ez to use no need for cmd line ;) How to install? oh its ez just go to realese! what are the paltform

1 Feb 15, 2022
The Great Autoencoder Bake Off

The Great Autoencoder Bake Off The companion repository to a post on my blog. It contains all you need to reproduce the results. Features Currently fe

Tilman Krokotsch 61 Jan 06, 2023
Sudoku-Solver

Sudoku-Solver This is a personal project, that put all my today knowledges to the test, is a project that im developing alone with a lot of effort and

Carlos Ismael Gitto Bernales 5 Nov 08, 2021
Painel simples com consulta de cep,CNPJ,placa e ip

Painel mpm Um painel simples com consultas de IP, CNPJ, CEP e PLACA Início 🌐 apt update && apt upgrade -y pkg i python git pip install requests Insta

8 Feb 27, 2022
This is a Python package named - calculator

Calculator Python Package This is a Calculator Package of Python. How To Install The Package? Install calchundred with pip (Package Installer Of Pytho

Arinjoy_Programmer 1 Nov 21, 2021
1000+ ready code templates to kickstart your next AI experiment

AI Seed Projects Start with ready code for your next AI experiment. Choose from 1000+ code templates, across a wide variety of use cases. All examples

BlobCity, Inc 98 Jan 03, 2023