Log message:
Add net/py-ldapdomaindump Version 0.9.1
In an Active Directory domain, a lot of interesting information can be
retrieved via LDAP by any authenticated user (or machine). This makes
LDAP an interesting protocol for gathering information in the recon
phase of a pentest of an internal network. A problem is that data from
LDAP often is not available in an easy to read format.
ldapdomaindump is a tool which aims to solve this problem, by
collecting and parsing information available via LDAP and outputting
it in a human readable HTML format, as well as machine readable json
and csv/tsv/greppable files.
The tool was designed with the following goals in mind:
- Easy overview of all users/groups/computers/policies in the domain
- Authentication both via username and password, as with NTLM hashes
(requires ldap3 >=1.3.1)
- Possibility to run the tool with an existing authenticated
connection to an LDAP service, allowing for integration with
relaying tools such as impackets ntlmrelayx
The tool outputs several files containing an overview of objects in
the domain:
- domain_groups: List of groups in the domain
- domain_users: List of users in the domain
- domain_computers: List of computer accounts in the domain
- domain_policy: Domain policy such as password requirements and
lockout policy
- domain_trusts: Incoming and outgoing domain trusts, and their
properties
As well as two grouped files:
- domain_users_by_group: Domain users per group they are member of
- domain_computers_by_os: Domain computers sorted by Operating System
|