Published on April 12th, 2016 📆 | 6882 Views ⚑
0AD-LDAP-Enum — LDAP Based Active Directory Enumeration
https://www.ispeech.org/text.to.speech
ad-ldap-enum is a Python script that was developed to discover users and their group memberships from Active Directory. In large Active Directory environments, tools such as NBTEnum were not performing fast enough. By executing LDAP queries against a domain controller, ad-ldap-enum is able to target specific Active Directory attributes and build out group membership quickly.
ad-ldap-enum outputs two tab delimited files ‘Domain Group Membership.txt’ and ‘Extended Domain User Information.txt’. The first file contains users, computers, groups, and their memberships. The second file contains users and extra informtion about the users from Active Directory (e.g. a user’s home folder or email address).
ad-ldap-enum supports both authenticated and unauthenticated LDAP connections. Additionally, ad-ldap-enum can process nested groups and display a user’s actual group membership.
Requirements for Active Directory Enumeration
The package python-ldap is required for the script to execute. This can be installed with the following command:
pip install python-ldap
[adsense size='1']
Usage
ad-ldap-enum.py [-h] -l LDAP_SERVER -d DOMAIN [-e] [-n] [-u USERNAME] [-p PASSWORD] [-v]
Active Directory LDAP Enumerator
optional arguments:
-h, --help show this help message and exit
-v, --verbose Display Debugging Information
Server Parameters:
-l LDAP_SERVER, --server LDAP_SERVER LDAP Server
-d DOMAIN, --domain DOMAIN Fully Qualified Domain Name
-e, --nested Expand Nested Groups
Authentication Parameters:
-n, --null Use Null Authentication
-u USERNAME, --username USERNAME Username
-p PASSWORD, --password PASSWORD Password
Source && Download
https://github.com/CroweCybersecurity/ad-ldap-enum
Gloss