https://github.com/the-viper-one/activedirectoryattacktool
ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
https://github.com/the-viper-one/activedirectoryattacktool
active-directory ctf htb oscp penetration-testing-tools red-team security-tools tryhackme
Last synced: 4 months ago
JSON representation
ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
- Host: GitHub
- URL: https://github.com/the-viper-one/activedirectoryattacktool
- Owner: The-Viper-One
- Created: 2022-04-02T16:15:56.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2023-04-19T16:22:50.000Z (over 2 years ago)
- Last Synced: 2025-04-14T20:42:41.403Z (9 months ago)
- Topics: active-directory, ctf, htb, oscp, penetration-testing-tools, red-team, security-tools, tryhackme
- Language: Shell
- Homepage:
- Size: 700 KB
- Stars: 95
- Watchers: 2
- Forks: 24
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ActiveDirectoryAttackTool
ActiveDirectoryAttackTool (ADAT) tool is used to assist CTF players and Penetration testers with helpful commands to run against an Active Directory Domain Controller. This tool is best utilized using a set of known working credentials against the host.
# Usage: General
Standard usage
```
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d Security.local
```
Usage with LDAP base search
```
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d Security.local -l "DC=Security,DC=Local"
```
Usage with GitHub for script repositories (Target system has internet access)
```
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d Security.local
```
# Usage: Systems with no internet access
If the system you are testing has no internet access or is a CTF machine, ADAT will download the required GitHub repositories to your attacking system. Ensure you specify the ```-L``` parameter and set both the LocalIP and LocalPort variables within the script to that of your attacking system.
```
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d Security.local -L
```
ADAT will run a http python3 server on the attacking system using the LocalIP and LocalPort parameters.
# Usage: Standalone Windows Systems
Usage for non domain joined systems, whilst not officially supported by ADAT, many of the commands can be run against a standalone Windows system.
```
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d . -L
bash ADAT.sh -u ViperOne -p Password123 -t 10.10.10.100 -d WORKGROUP -L
```
# Usage: Null Mode
Null mode is useful for when you do not have any valid usernames or credentials to run against the target Domain Controller.
```
bash ADAT.sh -t 10.10.10.100 -d Security.local -N
```
# Supported Protocols
Some of the protocols ADAT prints out commands for:
- DNS
- Kerberos
- LDAP
- MSSQL
- NTP
- RDP
- SMB
- WinRM
# Supported Tools
Some of the tools ADAT prints out commands for:
- BloodHound
- Crackmapexec (Including modules and PowerShell commands)
- Impacket toolset
- Metasploit
- Nmap
- ldapdomaindump
- ldapsearch
- pywerview
- xfreerdp
ADAT produces commands for both external and internal usage.
# Examples
# OSCP
ADAT is OSCP friendly, the commands it prints out might not be. Please be cautious about what commands and scripts invoke before running in an exam environment.
# Disclaimer
The resulting commands printed by ADAT should only be used within an authorized envionment. The author is not responsible for any damages caused.