https://github.com/lkarlslund/Adalanche?tab=readme-ov-file

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
https://github.com/lkarlslund/Adalanche?tab=readme-ov-file

acl acl-audit active-directory activedirectory ad-audit blueteam graph-theory infosec ldap ldap-audit reconnaissance

Last synced: 5 days ago
JSON representation

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

• Host: GitHub
• URL: https://github.com/lkarlslund/Adalanche?tab=readme-ov-file
• Owner: lkarlslund
• License: agpl-3.0
• Created: 2020-10-07T10:07:22.000Z (almost 5 years ago)
• Default Branch: master
• Last Pushed: 2025-01-16T13:09:23.000Z (9 months ago)
• Last Synced: 2025-01-16T18:18:04.790Z (9 months ago)
• Topics: acl, acl-audit, active-directory, activedirectory, ad-audit, blueteam, graph-theory, infosec, ldap, ldap-audit, reconnaissance
• Language: Go
• Homepage: https://www.netsection.com
• Size: 10.1 MB
• Stars: 1,806
• Watchers: 29
• Forks: 173
• Open Issues: 0
• Metadata Files:
  • Readme: readme.MD
  • Contributing: CONTRIBUTING.md
  • License: license.MD

Awesome Lists containing this project

• cybersources - Adalanche

README

          
#  Adalanche Open Source

*Attack Graph Visualizer and Explorer*

[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/lkarlslund/Adalanche)](https://github.com/lkarlslund/Adalanche/releases/latest) ![GitHub all releases](https://img.shields.io/github/downloads/lkarlslund/Adalanche/total) ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/lkarlslund/Adalanche/autobuild.yml?branch=master)



Adalanche gives instant results, showing you what permissions users and groups have in an Active Directory. It is useful for visualizing and exploring who can take over accounts, machines or the entire domain, and can be used to find and show misconfigurations.

## I Can Haz Domain Admin?

Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people are just added to Domain Admins. 

In large organizations you have a huge number of people with different needs, and they are delegated access to varying degrees of power in the AD. At some point in time, someone makes a mistake, and that can cost you dearly.

Adalanche visualizes delegation issues, kerberoastable accounts, AD CS issues and much, much more.

## Features

Analysis offers in-depth analysis of ownership, ACLs and other node relationships.

The visualization allows you to explore nodes and edges via web based graph UI, in order to find misconfigurations that attackers would use against you if they were to attack your infrastructure.

Adalanche Query Language (AQL) offers comprehensive search abilities in the graph. AQL is a GQL-like language that allows for complex queries.

Adalanche can collect data from: 

  - Active Directory

  - Windows machines

  - VMware vSphere*

Adalanche integrates data from:

  - Active Directory

  - Windows machines (domain joined, or standalone)

  - VMware vSphere(*)

  - CyberArk(*)

  - Password hashes / cracked passwords(*)

  - Tiering models(*)

  - Custom nodes and edges(*)

Reporting feature is in development(*)

(*) = paid version, see [NetSection](https://www.netsection.com) website

## Tell me more

For more details, you can view the [documentation](modules/frontend/html/docs/index.md) here on Github, or from within the Adalanche UI.