{"id":22647436,"url":"https://github.com/processust/esedhound","last_synced_at":"2025-04-11T11:41:00.731Z","repository":{"id":196830000,"uuid":"697234769","full_name":"ProcessusT/ESEDHOUND","owner":"ProcessusT","description":"ESEDHOUND is a python script that extract datatable from the ntds.dit file to retrieve users, computers and groups. The goal is to send all the infos into Bloodhound to help incident responders for identifying AD objects.","archived":false,"fork":false,"pushed_at":"2023-09-27T10:27:38.000Z","size":2030,"stargazers_count":2,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-25T08:01:41.306Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ProcessusT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-09-27T10:20:19.000Z","updated_at":"2024-06-07T05:28:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"f42ca990-1766-4e1d-9a7f-41dd18512d29","html_url":"https://github.com/ProcessusT/ESEDHOUND","commit_stats":null,"previous_names":["processus-thief/esedhound","processust/esedhound"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ProcessusT%2FESEDHOUND","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ProcessusT%2FESEDHOUND/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ProcessusT%2FESEDHOUND/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ProcessusT%2FESE
DHOUND/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ProcessusT","download_url":"https://codeload.github.com/ProcessusT/ESEDHOUND/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248385420,"owners_count":21094885,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-09T07:33:37.228Z","updated_at":"2025-04-11T11:41:00.694Z","avatar_url":"https://github.com/ProcessusT.png","language":"Python","readme":"# The ESEDHOUND project\n\n\u003cdiv align=\"center\"\u003e\n  \u003cbr\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Python-3.6+-informational\"\u003e\n  \u003cbr\u003e\n  \u003ca href=\"https://twitter.com/intent/follow?screen_name=ProcessusT\" title=\"Follow\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/ProcessusT?label=ProcessusT\u0026style=social\"\u003e\u003c/a\u003e\n  \u003cbr\u003e\n  \u003cbr /\u003e\n  \u003cp\u003e\n  ESEDHOUND is a python script that extract datatable from the ntds.dit file to retrieve users, computers and groups.\u003cbr /\u003e\u003cbr /\u003e\nThe goal is to send all the infos into Bloodhound to help incident responders for identifying AD objects.\u003cbr /\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n\n\u003cbr\u003e\n\u003cdiv align=\"center\"\u003e\n\u003cimg src=\"https://github.com/Processus-Thief/ESEDHOUND/raw/main/esedhound.jpg\" width=\"80%;\"\u003e\n\u003c/div\u003e\n\u003cbr\u003e\n\n\n## Changelog\n\u003cbr /\u003e\nOn last version (V 1.0) :\u003cbr /\u003e\n- Extract Users, Computers and Groups from 
ntds file\u003cbr /\u003e\n\n\u003cbr /\u003e\u003cbr /\u003e\n\n## Usage\n\u003cbr\u003e\u003cbr\u003e\n\n```bash\ngit clone https://github.com/Processus-Thief/ESEDHOUND\ncd ESEDHOUND\npython3 esedhound.py -ntds ntds.dit\n```\n\n\u003cbr\u003e\u003cbr\u003e\n\n    \n## Improvements\n\n\u003cbr /\u003e\n- Output results for BloodHound\u003cbr /\u003e\n- Extract ACLs from SD table\u003cbr /\u003e\n\n\u003cbr /\u003e\u003cbr /\u003e\n\n\n\n  \u003ch3\u003e\n    Based on https://github.com/libyal/libesedb\u003cbr /\u003e\nand the FUCKING OLD PYTHON2 TOOL https://github.com/csababarta/ntdsxtract\u003cbr /\u003e\n  \u003c/h3\u003e\n  \u003cbr\u003e\u003cbr\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprocessust%2Fesedhound","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprocessust%2Fesedhound","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprocessust%2Fesedhound/lists"}