Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Leo4j/Invoke-ADEnum

Automated Active Directory Enumeration
https://github.com/Leo4j/Invoke-ADEnum

active-directory active-directory-audit active-directory-enumeration active-directory-pentest active-directory-security activedirectory activedirectory-audit activedirectoryassesssment activedirectorysecurity cyber-security cyber-security-analysis cyber-security-tools cybersecurity cybersecurity-audit cybersecurity-awareness enumeration-tool pentest-scripts pentesting pentesting-tools pentesting-windows

Last synced: 15 days ago
JSON representation

Automated Active Directory Enumeration

Host: GitHub
URL: https://github.com/Leo4j/Invoke-ADEnum
Owner: Leo4j
License: gpl-3.0
Created: 2023-04-18T11:19:42.000Z (almost 2 years ago)
Default Branch: main
Last Pushed: 2024-12-13T10:55:07.000Z (about 2 months ago)
Last Synced: 2024-12-13T11:32:36.523Z (about 2 months ago)
Topics: active-directory, active-directory-audit, active-directory-enumeration, active-directory-pentest, active-directory-security, activedirectory, activedirectory-audit, activedirectoryassesssment, activedirectorysecurity, cyber-security, cyber-security-analysis, cyber-security-tools, cybersecurity, cybersecurity-audit, cybersecurity-awareness, enumeration-tool, pentest-scripts, pentesting, pentesting-tools, pentesting-windows
Language: PowerShell
Homepage: https://github.com/Leo4j/Invoke-ADEnum
Size: 18.9 MB
Stars: 421
Watchers: 9
Forks: 48
Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

README

# Invoke-ADEnum
![ADEnum](https://github.com/Leo4j/Invoke-ADEnum/assets/61951374/93fe1fed-6056-4ba0-ae5b-6f3ac4c62ddc)

## Active Directory Enumeration
Invoke-ADEnum is an enumeration tool designed to automate the process of gathering information from an Active Directory environment.

With Invoke-ADEnum, you can enumerate various aspects of Active Directory, including forests, domains, trusts, domain controllers, users, groups, computers, shares, subnets, ACLs, OUs, GPOs, and more.

One of the features of Invoke-ADEnum is its ability to generate an Active Directory Audit Report in HTML format. Whether performing security assessments, compliance audits, or general Active Directory enumeration tasks, the report will provide a detailed overview of the Active Directory infrastructure in an easy-to-navigate layout, as well as recommendations to remediate findings.

NOTE: By clicking on the tables' titles, you can generate and download a CSV version of the results. Additionally, you have the option to export the entire HTML report in XLSX format by clicking on "Active Directory Audit" at the top of the page. The XLSX export will include a separate sheet for each table of findings.

HTML Example_Report generated by Invoke-ADEnum: https://leo4j.github.io/Invoke-ADEnum/

**If you find Invoke-ADEnum valuable and use it in your work, please consider giving it a star. Your support motivates me to continue improving and maintaining this project**

![ADEnum](https://github.com/Leo4j/Invoke-ADEnum/assets/61951374/67527c9b-330b-4437-8d4d-7b7d5742607e)

## Usage

Load the script in memory:

```
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Invoke-ADEnum/main/Invoke-ADEnum.ps1')
```

Help page:

```
Invoke-ADEnum -Help
```

Check your targets first, and make sure you stay in scope

```
Invoke-ADEnum -TargetsOnly
```

Specify a single domain to enumerate and a DC to bind to

```
Invoke-ADEnum -Domain contoso.local -Server DC01.contoso.local
```

Exclude out-of-scope domains

```
Invoke-ADEnum -Exclude "contoso.local,domain.local"
```

## Recommended Usage/Coverage

For optimal results, I recommend running Invoke-ADEnum in two phases: an initial quick assessment followed by a more thorough analysis.
Consider saving data to disk during the first pass to avoid redundant data collection on the second pass.

```
Invoke-ADEnum -SaveToDisk -FindLocalAdminAccess ### Save Location: C:\Users\Public\Documents\Invoke-ADEnum
```

On the second pass, reload the previously saved data from disk and perform more checks, such as Empty-Password Spraying, RBCD, User-Created Objects, Weak Permissions (it may take a very long time to complete depending on domain size), and potentially abusable GPOs.

```
Invoke-ADEnum -LoadFromDisk -SprayEmptyPasswords -FindLocalAdminAccess -RBCD -UserCreatedObjects -WeakPermissions -MoreGPOs -AllDescriptions
```

## Full Coverage

Run all available checks that Invoke-ADEnum can perform. It can be very time-consuming, especially in large domains.

```
Invoke-ADEnum -AllEnum -Force
```

# Disclaimer

Invoke-ADEnum is intended exclusively for research, education, and authorized testing. Its purpose is to assist professionals and researchers in identifying vulnerabilities and enhancing system security.

Users must secure explicit, mutual consent from all parties involved before utilizing this tool on any system, network, or digital environment, as unauthorized activities can lead to serious legal consequences. Users are responsible for adhering to all applicable laws and regulations related to cybersecurity and digital access.

The creator of Invoke-ADEnum disclaims liability for any misuse or illicit use of the tool and is not responsible for any resulting damages or losses.