#active-directory
22 posts
BloodHound
Active Directory relationship mapping and attack path visualization tool
Certipy
Active Directory Certificate Services enumeration and exploitation tool
CrackMapExec
Swiss Army knife for pentesting Windows/Active Directory environments
Evil-WinRM
Windows Remote Management shell for penetration testing with pass-the-hash support
impacket-GetNPUsers
AS-REP roasting tool to extract hashes for accounts with Kerberos pre-authentication disabled
impacket-GetUserSPNs
Kerberoasting tool to request and extract service ticket hashes for offline cracking
impacket-lookupsid
SID brute-forcing tool to enumerate domain users and groups via RPC
impacket-mssqlclient
MSSQL client for interacting with Microsoft SQL servers using Windows authentication
impacket-psexec
Remote command execution tool using SMB/RPC for lateral movement in Windows environments
impacket-secretsdump
Extracts credentials and secrets from Windows systems including SAM, LSA, and NTDS.dit
impacket-wmiexec
Remote command execution using WMI for stealthy lateral movement without writing to disk
InviShell
Bypasses PowerShell security features like logging and AMSI for stealthy script execution
Kerbrute
Kerberos brute-forcing tool for AD username enumeration and password spraying
ldapsearch
LDAP query tool for enumerating Active Directory objects, users, and groups
Mimikatz
Windows credential extraction tool for dumping passwords, hashes, and Kerberos tickets
net rpc
Samba utility for managing Windows remote resources including password changes and group membership
PowerUpSQL
PowerShell toolkit for attacking SQL Server instances in Active Directory environments
PowerView
PowerShell tool for Active Directory enumeration and domain reconnaissance
Responder
LLMNR/NBT-NS/mDNS poisoner for capturing NTLMv2 hashes on the network
rpcclient
Samba RPC client for enumerating users, groups, and shares on Windows systems
Rubeus
C# Kerberos abuse toolkit for AS-REP roasting, Kerberoasting, and ticket manipulation
SharpHound
BloodHound data collector that gathers Active Directory relationship data