Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/passtheticket/DCDumlu
Enumeration and persistence on the Active Directory
https://github.com/passtheticket/DCDumlu
active-directory activedirectory enumeration ldap penetration-testing persistence python-ldap security security-tools
Last synced: 21 days ago
JSON representation
Enumeration and persistence on the Active Directory
- Host: GitHub
- URL: https://github.com/passtheticket/DCDumlu
- Owner: passtheticket
- License: gpl-3.0
- Created: 2021-07-20T17:30:22.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-07-31T08:46:18.000Z (4 months ago)
- Last Synced: 2024-08-05T17:44:58.891Z (4 months ago)
- Topics: active-directory, activedirectory, enumeration, ldap, penetration-testing, persistence, python-ldap, security, security-tools
- Language: Python
- Homepage: https://docs.unsafe-inline.com/inline/dcdumlu
- Size: 902 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - passtheticket/DCDumlu - Enumeration and persistence on the Active Directory (Python)
README
# DCDumlu
DCDumlu aims to conduct enumeration and some persistence techniques on the Active Directory.![GitHub Logo](images/dumlupinar.jpg)
## Installation & Start up
```
pip3 install -r requirements.txt
python3 DCDumlu.py
```
Then provide `IP address of DC`, `Domain name`, `Username`, `Password or NT hash` for LDAP connection.
:warning: **Please note that `Username` must be like `sAMAccountName` value format and hash format must be like `LM:NT` or `NT:NT`.**![GitHub Logo](images/mavna.PNG)
## Usage
Commands | Descriptions
------------ | -------------
getDomainInfo | Get domain SID, name and MAQ
sidToObject | Convert SID to object name
getPasswordPolicy | Get password policy
getPasswordNotRequired | Get all users not required to have a password
getTrustInfo | Get trust relationship information
getHosts | Dump hosts information
getDCs | Get Domain Controller(s) information
getUsers | Dump users information
getGroups | Dump groups information
hostDescriptions | Dump description of hosts information
userDescriptions | Dump description of users information
getGroupMembers | Dump members of specified group
searchUser | Search specific user
searchHost | Search specific host
unconstrainedComputer | Enumerate unconstrained computer account
constrainedComputer | Enumerate constrained computer account
constrainedUser | Enumerate constrained user account
unconstrainedUser | Enumerate unconstrained user account
getRbcd | Enumerate resource-based constrained delegation configuration
addUser | Add a user
addUserToGroup | Add a user to group
delUser | Delete a user
getSpns | Getting all Kerberoastable users
setSpn | Set a servicePrincipalName attribute value
unSetSpn | Unset a servicePrincipalName attribute value
addUnconstrained | Modify an object for delegation to any service with Kerberos Auth
addConstrained | Modify an object for delegation to specific service
getAsRep | Getting all Asreproastable users
addAsRepRoasting | Set user option as do not require Kerberos preauthentication for As-Rep Roasting attack
delAsRepRoasting | Set user option as Kerberos preauthentication is required
resetObject | Change userAccountControl attribute of object to reset modifications that are related Kerberos delegation attacks
uacTable | Show values for userAccountControl attribute if you need for resetObject operation
checkConnection | Get connection details
help | Print usage
? | Print usage
exit | Exit## Details
[DCDumlupınar](https://docs.unsafe-inline.com/inline/dcdumlupinar)