Home / Unlabelled / ADSearch - A Tool To Help Query AD Via The LDAP Protocol

ADSearch - A Tool To Help Query AD Via The LDAP Protocol


A tool written for cobalt-strike's execute-assembly command that allows for more efficent querying of AD.


Key Features
  • List all Domain Admins
  • Custom LDAP Search
  • Connect to LDAPS Servers
  • Output JSON data from AD instances
  • Retrieve custom attributes from a generic query (i.e. All computers)

Usage
ADSearch 1.0.0.0Copyright c  2020USAGE:Query Active Directory remotely or locally:  ADSearch --domain ldap.example.com --password AdminPass1 --username admin --users  -f, --full          If set will show all attributes for the returned item.  -o, --output        File path to output the results to.  --json              (Default: false) Output results in json format.  --supress-banner    When set banner will be disabled.  -G, --groups        Enumerate and return all groups from AD.  -U, --users         Enumerate and return all users from AD.  -C, --computers     Enumerate and return all computers joined to the AD.  -S, --spns          Enumerate and return all SPNS from AD.  --attributes        (Default: cn) Attributes to be returned from the results in csv    format.  -s, --search        Perform a custom search on the AD server.  --domain-admins     Attempt to retreive all Domain Admin accounts.  -u, --username      Attempts to authenticate to AD with the given username.  -p, --password      Attempts to authenticate to AD with the given password.  -h, --hostname      If set will attempt a remote bind to the hostname. This option requires the domain option to be set to a valid DC on the hostname. Will allow an IP address to be used as well.  -p, --port          (Default: 636) If set will attempt a remote bind to the port based on the IP.  -d, --domain        The domain controller we are connecting to in the FQDN format. If left blank then all other connection options are ignored and the lookups ar   e done locally.  --insecure          (Default: false) If set will communicate over port 389 and not use SSL  --help              Display this help screen.  --version           Display version information.

Screenshots

Display all SPNs



Display all users



Get custom attributes back from custom search





Via: feedproxy.google.com
ADSearch - A Tool To Help Query AD Via The LDAP Protocol ADSearch - A Tool To Help Query AD Via The LDAP Protocol Reviewed by Anónimo on 18:34 Rating: 5

Tags