Code Monkey home page Code Monkey logo

adhunttool's Introduction

ADHuntTool

official report for the AdHuntTool. C# Script used for Red Team. It can be used by Cobalt Strike execute-assembly or as standalone executable.

How to use it

Note that DumpCertificateTemplates and DumpPasswordPolicy need the full base

Ex: domain name is ringzer0.local you need to specify the domain as ringzer0,DC=local

This will generate the following query under the hood

beacon> execute-assembly C:\users\dev\Desktop\ADHuntTool.exe dumpcertificatetemplates ringzer0,DC=local -verbose
CA Name is:
Connecting to: LDAP://CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration,DC=ringzer0,DC=local
Querying:      (&(!name=AIA))
name                    : RINGZER0-RZDC-CA

Connecting to: LDAP://CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=ringzer0,DC=local
Querying:      (&(name=*))
name                    : User
displayName             : User
distinguishedName       : CN=User,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,DC=RINGZER0,DC=local
msPKI-Cert-Template-OID : 1.3.6.1.4.1.311.21.8.7352012.6162934.10046593.3535065.1065136.82.1.1
msPKI-Enrollment-Flag   : 41

List of supported features

Usage: ADHuntTool.exe options domain [arguments]

ADHuntTool.exe Set
ADHuntTool.exe DumpLocalAdmin RingZer0 *optional*computername
ADHuntTool.exe DumpLocalGroup RingZer0 *optional*computername
ADHuntTool.exe DumpRemoteSession RingZer0 *optional*computername
ADHuntTool.exe DumpWkstaSession RingZer0 *optional*computername
ADHuntTool.exe CheckAdmin RingZer0 *optional*computername
ADHuntTool.exe DumpTrust RingZer0
ADHuntTool.exe DumpAllUsers RingZer0
ADHuntTool.exe DumpUser RingZer0 mr.un1k0d3r
ADHuntTool.exe DumpUsersEmail RingZer0
ADHuntTool.exe DumpAllComputers RingZer0 
ADHuntTool.exe DumpComputer RingZer0 DC01
ADHuntTool.exe DumpAllGroups RingZer0
ADHuntTool.exe DumpGroup RingZer0 "Domain Admins"
ADHuntTool.exe DumpPasswordPolicy Ringzer0,DC=local
ADHuntTool.exe DumpCertificateTemplates Ringzer0,DC=local
ADHuntTool.exe DumpPwdLastSet RingZer0
ADHuntTool.exe DumpLastLogon RingZer0
ADHuntTool.exe CheckManaged RingZer0
ADHuntTool.exe DumpLapsPassword RingZer0 *optional*computername  
ADHuntTool.exe DumpUserPassword RingZer0   
ADHuntTool.exe DumpRemoteSession RingZer0  *optional*computername  
ADHuntTool.exe PasswordBruteForce RingZer0 *optional*username (samaccountname) 
ADHuntTool.exe GetShare target *optional*Domain\Username Password
ADHuntTool.exe GetService target *optional*Domain\Username Password

The -verbose switch can be added to get verbose output.

Credit

Mr.Un1k0d3r RingZer0 Team

Tazz0 RingZer0 Team

adhunttool's People

Contributors

mr-un1k0d3r avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.