ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

AD Enum is a

Microsoft Advanced Threat Analytics

ATA detects two suspicious events but does not trigger an alert:

  • The connection with the protocol LDAP without SSL
  • The Kerberoastable attack

As shown in this screenshot:

ADenum 2 ATAdetection 777808

Source

Documentation:

  • https://labs.f-secure.com/blog/attack-detection-fundamentals-discovery-and-lateral-movement-lab-1/
  • https://theitbros.com/ldap-query-examples-active-directory/
  • https://docs.microsoft.com/en-us/advanced-threat-analytics/what-is-ata

Impacket:

  • https://github.com/SecureAuthCorp/impacket/blob/master/examples/GetNPUsers.py
  • https://github.com/SecureAuthCorp/impacket/blob/master/examples/GetUserSPNs.py

Legal Disclaimer:

testing purposes only. Usage of this software for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. “>

This project is made for educational and ethical testing purposes only. Usage of this software for attacking targets without prior mutual consent is illegal. 
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program.
Download ADenum

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source