Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/passtheticket/DCDumlu

Enumeration and persistence on the Active Directory
https://github.com/passtheticket/DCDumlu

active-directory activedirectory enumeration ldap penetration-testing persistence python-ldap security security-tools

Last synced: 3 months ago
JSON representation

Enumeration and persistence on the Active Directory

Host: GitHub
URL: https://github.com/passtheticket/DCDumlu
Owner: passtheticket
License: gpl-3.0
Created: 2021-07-20T17:30:22.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2024-07-31T08:46:18.000Z (3 months ago)
Last Synced: 2024-08-01T10:15:44.875Z (3 months ago)
Topics: active-directory, activedirectory, enumeration, ldap, penetration-testing, persistence, python-ldap, security, security-tools
Language: Python
Homepage: https://docs.unsafe-inline.com/inline/dcdumlu
Size: 902 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - passtheticket/DCDumlu - Enumeration and persistence on the Active Directory (Python)

README

# DCDumlu
DCDumlu aims to conduct enumeration and some persistence techniques on the Active Directory.

![GitHub Logo](images/dumlupinar.jpg)

## Installation & Start up
```
pip3 install -r requirements.txt
python3 DCDumlu.py
```
Then provide `IP address of DC`, `Domain name`, `Username`, `Password or NT hash` for LDAP connection.
:warning: **Please note that `Username` must be like `sAMAccountName` value format and hash format must be like `LM:NT` or `NT:NT`.**

![GitHub Logo](images/mavna.PNG)

## Usage
Commands | Descriptions
------------ | -------------
getDomainInfo | Get domain SID, name and MAQ
sidToObject | Convert SID to object name
getPasswordPolicy | Get password policy
getPasswordNotRequired | Get all users not required to have a password
getTrustInfo | Get trust relationship information
getHosts | Dump hosts information
getDCs | Get Domain Controller(s) information
getUsers | Dump users information
getGroups | Dump groups information
hostDescriptions | Dump description of hosts information
userDescriptions | Dump description of users information
getGroupMembers | Dump members of specified group
searchUser | Search specific user
searchHost | Search specific host
unconstrainedComputer | Enumerate unconstrained computer account
constrainedComputer | Enumerate constrained computer account
constrainedUser | Enumerate constrained user account
unconstrainedUser | Enumerate unconstrained user account
getRbcd | Enumerate resource-based constrained delegation configuration
addUser | Add a user
addUserToGroup | Add a user to group
delUser | Delete a user
getSpns | Getting all Kerberoastable users
setSpn | Set a servicePrincipalName attribute value
unSetSpn | Unset a servicePrincipalName attribute value
addUnconstrained | Modify an object for delegation to any service with Kerberos Auth
addConstrained | Modify an object for delegation to specific service
getAsRep | Getting all Asreproastable users
addAsRepRoasting | Set user option as do not require Kerberos preauthentication for As-Rep Roasting attack
delAsRepRoasting | Set user option as Kerberos preauthentication is required
resetObject | Change userAccountControl attribute of object to reset modifications that are related Kerberos delegation attacks
uacTable | Show values for userAccountControl attribute if you need for resetObject operation
checkConnection | Get connection details
help | Print usage
? | Print usage
exit | Exit

## Details
[DCDumlupınar](https://docs.unsafe-inline.com/inline/dcdumlupinar)