emrekybs/AD-AssessmentKit emrekybs/AD-AssessmentKit

  • Stars
    star
    127
  • Rank 282,790 (Top 6 %)
  • Language
    Shell
  • Created 11 months ago
  • Updated 6 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
emrekybs/AD-AssessmentKit
github

emrekybs

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.

[EmreKybs

AD-AssessmentKit

These tools are ideal for network administrators and cybersecurity professionals seeking to assess and enhance the security posture of AD environments and network infrastructures.

AD-SecurityAudit.sh

Focuses on initial reconnaissance and vulnerability identification in AD domains, requiring only the domain name and Domain Controller IP address.

Key Features:

  • LDAP and Service Account Queries: Conducts LDAP searches targeting service accounts in the AD.
  • Kerberos Ticket Analysis: Uses Impacket's tools for analyzing Kerberos ticket vulnerabilities and identifying accounts without pre-authentication
  • Comprehensive Kerberos and SMB Enumeration: Employs SilentHound and Enum4linux-ng for Kerberos auditing and detailed SMB, user, and system information scanning.
  • Enumeration Techniques: Implements RID brute-force and NetExec SMB enumeration for discovering user accounts, groups, and security policies.
  • Exploitation of Windows Services: Executes Zerologon and PetitPotam attacks to target known vulnerabilities.
  • Execution Summary and Actionable Guidance: Completes with a success message and provides insights for further actions, such as hash cracking.

AutoMapExec.sh

Provides in-depth security assessment and penetration testing, requiring domain, Domain Controller IP, and user credentials for a more thorough analysis.

Key Features:

  • Credential-Based Targeting: Uses user-provided credentials for a more thorough analysis.
  • Kerberos Auditing and Extensive SMB Enumeration: Combines SilentHound and multiple NetExec commands for a deeper level of SMB and security analysis.
  • Network and AD Comprehensive Scanning: Utilizes CrackMapExec for an extensive view of the network, including computer listings, local groups, and NTDS extraction.Testing Against Major Vulnerabilities: Incorporates exploitation of significant
  • Testing Against Major Vulnerabilities: Incorporates exploitation of significant vulnerabilities like Zerologon, PetitPotam, and NoPAC.
  • BloodHound Integration and RDP Enablement: Facilitates AD data collection for BloodHound analysis and enables Remote Desktop Protocol.
  • Diverse Command Execution and Data Retrieval: Performs a range of system commands and retrieves the SAM database for in-depth credential analysis.
  • Detailed Execution Overview: Concludes with a summary of successful execution, signifying the completion of a comprehensive scanning and enumeration process.

π—œπ—‘π—¦π—§π—”π—Ÿπ—Ÿπ—”π—§π—œπ—’π—‘

   git clone https://github.com/emrekybs/AD-AssessmentKit.git && cd AD-AssessmentKit && chmod +x * && ./install.sh

More Repositories

1

nim-shell

Reverse shell that can bypass windows defender detection
Nim
150
star
2

Pip-Intel

PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages.
Shell
113
star
3

MrHandler

Linux Incident Response Reporting
HTML
80
star
4

Bryobio

It was developed to speed up the processes of SOC Analysts during analysis
Python
47
star
5

Douglas-042

Powershell script to help Speed ​​up Threat hunting incident response processes
PowerShell
45
star
6

DraculaOS

Dracula OS is a Linux operating system meticulously designed for OSINT (Open Source Intelligence) and Cyber ​​Intelligence missions.
17
star
7

Wifi-Purple

Automate script for wifi hacking
Python
14
star
8

Pikachu-SMTP

Simple python script for brute force attack to smtp users
PowerShell
13
star
9

Expulso

Information Gathering and OSINT Tool
Python
12
star
10

BlueFish

Automation tool designed to simplify the analysis of PCAP (Packet Capture) files
Python
11
star
11

Hashcat-Automator

Python
5
star
12

nse-WebDirScanner

This Nmap script performs a comprehensive directory scan on a specified web server, checking for the presence of common directories and their HTTP status codes.
Lua
4
star
13

Samurai

Samurai is a lightening fast CPU friendly Hash Cracker
Python
3
star
14

Sonic

Web Headers Security Scanner
Python
3
star
15

Expulse

Automatic Nmap Script Finder
Python
3
star
16

Dragunov

Dragunov SVD Dns ZoneTransfer
Python
2
star
17

SHIELD

SSH Brute Force tool bring the thunder of asgard to SSH attack
Python
2
star
18

LinkShortener

Shortens links for phishing
Python
1
star
19

Taxi-Management-System

Taxi-Management-System
TSQL
1
star
20

csskeylogger

keylogger with CSS
HTML
1
star
21

leaks

bash script to check data leakage on websites
Shell
1
star
22

emrekybs

1
star