https://github.com/processust/esedhound

ESEDHOUND is a python script that extract datatable from the ntds.dit file to retrieve users, computers and groups. The goal is to send all the infos into Bloodhound to help incident responders for identifying AD objects.
https://github.com/processust/esedhound

Last synced: 10 months ago
JSON representation

ESEDHOUND is a python script that extract datatable from the ntds.dit file to retrieve users, computers and groups. The goal is to send all the infos into Bloodhound to help incident responders for identifying AD objects.

• Host: GitHub
• URL: https://github.com/processust/esedhound
• Owner: ProcessusT
• License: gpl-3.0
• Created: 2023-09-27T10:20:19.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-09-27T10:27:38.000Z (over 2 years ago)
• Last Synced: 2025-03-25T08:01:41.306Z (10 months ago)
• Language: Python
• Size: 1.94 MB
• Stars: 2
• Watchers: 1
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# The ESEDHOUND project



  


  

  


  

  


  


  


  ESEDHOUND is a python script that extract datatable from the ntds.dit file to retrieve users, computers and groups.



The goal is to send all the infos into Bloodhound to help incident responders for identifying AD objects.


















## Changelog




On last version (V 1.0) :


- Extract Users, Computers and Groups from ntds file






## Usage





```python

git clone https://github.com/Processus-Thief/ESEDHOUND

cd ESEDHOUND

python3 esedhound.py -ntds ntds.dit

```





    

## Improvements




- Output results for BloodHound


- Extract ACLs from SD table






  


    Based on https://github.com/libyal/libesedb


and the FUCKING OLD PYTHON2 TOOL https://github.com/csababarta/ntdsxtract