GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → m8r0wn → Ldap_search

m8r0wn / Ldap_search

Licence: gpl-3.0
Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

pentestingpentest-toolredteamldapenumeration

Projects that are alternatives of or similar to Ldap search

Winpwn
Automation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+1570.51%)
Mutual labels:  pentesting, pentest-tool, redteam
Perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+891.03%)
Mutual labels:  pentesting, pentest-tool, redteam
Oscp Pentest Methodologies
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166 (+112.82%)
Mutual labels:  pentesting, pentest-tool, redteam
Venom
Venom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1474.36%)
Mutual labels:  pentesting, pentest-tool, redteam
Nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+478.21%)
Mutual labels:  pentesting, pentest-tool, enumeration
Enumdb
Relational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (+114.1%)
Mutual labels:  pentesting, pentest-tool, enumeration
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+2864.1%)
Mutual labels:  pentesting, pentest-tool, enumeration
Cloudbrute
Awesome cloud enumerator
Stars: ✭ 268 (+243.59%)
Mutual labels:  pentesting, pentest-tool, redteam
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+389.74%)
Mutual labels:  pentesting, redteam, enumeration
Impost3r
👻Impost3r -- A linux password thief
Stars: ✭ 355 (+355.13%)
Mutual labels:  pentesting, pentest-tool, redteam
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+9189.74%)
Mutual labels:  pentesting, enumeration, pentest-tool
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+541.03%)
Mutual labels:  pentesting, pentest-tool, redteam
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+767.95%)
Mutual labels:  pentesting, pentest-tool, redteam
Finalrecon
The Last Web Recon Tool You'll Need
Stars: ✭ 888 (+1038.46%)
Mutual labels:  pentesting, pentest-tool
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+894.87%)
Mutual labels:  pentest-tool, redteam
Pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+1058.97%)
Mutual labels:  pentesting, pentest-tool
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+1001.28%)
Mutual labels:  pentesting, enumeration
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+893.59%)
Mutual labels:  pentesting, pentest-tool
Cve 2016 8610 Poc
CVE-2016-8610 (SSL Death Alert) PoC
Stars: ✭ 26 (-66.67%)
Mutual labels:  pentesting, pentest-tool
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-12.82%)
Mutual labels:  pentesting, redteam
View All Similar Projects ➔

LDAP_Search

     

UPDATE: Ldap_search has been integrated into ActiveReign. Please check HERE for the latest on the project!

Overview

LDAP_Search can be used to enumerate Users, Groups, Computers, Domain Policies, and Domain Trusts within a Windows environment. Authentication can be performed using traditional username and password, or NTLM hash. In addition, this tool has been modified to allow brute force/password-spraying via LDAP.

Ldap_Search is compatible with Python 2.7 / 3.6+ and makes use of the Impacket library to perform the main operations.

Installation

git clone --recursive https://github.com/m8r0wn/ldap_search
cd ldap_search
sudo python3 setup.py install

Usage

Password spray with LDAP:

ldap_search -U users.txt -P 'Summer2019!' -d demo.local

Enumerate all active users on a domain:

ldap_search users -u user1 -p Password1 -d demo.local

Lookup a single user and display attributes:

ldap_search users -q AdminUser -u user1 -p Password1 -d demo.local

Enumerate all computers on a domain and resolve IP addresses:

ldap_search computers -r -u user1 -p Password1 -d demo.local

Search for end of life systems on the domain:

ldap_search computers -q eol -u user1 -p Password1 -d demo.local -s DC01.demo.local

Query group members:

ldap_search groups -q "Domain Admins" -u user1 -p Password1 -d demo.local

Domain password policy:

ldap_search domain -u user1 -p Password1 -d demo.local

Write a custom query:

ldap_search custom -q '(objectClass=*)' -a 'objectName' -u user1 -p Password1 -d demo.local

Query Types

User
  active / [None] - All active users (Default)
  all - All users, even disabled
  [specific account or email] - lookup user, ex. "m8r0wn"
  
group
  [None] - All domain groups
  [Specific group name] - lookup group members, ex. "Domain Admins"
 
computer
  [None] - All Domain Computers
  eol - look for all end of life systems on domain

Domain
    [None] - Domain's password policy

Trust
    [none] - Domain Trust information

Options

  -q QUERY          Specify user or group to query
  -a ATTRS          Specify attrs to query
  -u USER           Single username
  -U USER           Users.txt file
  -p PASSWD         Single password
  -P PASSWD         Password.txt file
  -H HASH           Use Hash for Authentication
  -d DOMAIN         Domain (Ex. demo.local)
  -s SRV, -srv SRV  LDAP Server (optional)
  -r                Use DNS to resolve records
  -t TIMEOUT        Connection Timeout (Default: 4)
  -v                Show attribute fields and values
  -vv               Show connection attempts and errors
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].