Active Directory pentesting tool for Linux. Automated Kerberoasting, AS-REP Roasting, ADCS/ESC exploitation, DCSync, BloodHound integration, and 40+ AD attack paths. ENS Alto / NIS2 / ISO 27001 compliance reports. No Windows required.

Perform DCSync operation without mimikatz

This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)

Finds Domain Controller on a network, enumerates users, AS-REP Roasting and hash cracking, bruteforces password, dumps AD users, DRSUAPI, scans SMB/NFS shares for passwords, scans for remote accesses, dumps NTDS.dit.

HTB - Writeups

Pre2KfromDCSync detects machine accounts with Pre-Windows 2000 passwords and outputs the account name, stored NT hash, and potential password from DCSync output.

All my walkthroughs for HTB Academy labs in the Active Directory Module ( CPTS path ). Includes folder of canvas files for Obsidian.

Active Directory DCSync Rights Auditor - Defensive security audit tool for identifying accounts with replication rights. Blue Team tool. For authorized security auditing only.

TryHackMe Boogeyman 3 write-up covering SOC investigation, PowerShell activity, credential discovery, lateral movement, hash dumping, DCSync activity, and ransomware execution analysis using Elastic/Kibana logs.

PowerShell script to DCSync NT-Hashes from an Active Directory Domain Controller (DC) using DSInternals

Complete Active Directory Red Team Lab — BloodHound, AS-REP Roasting, Kerberoasting, DCSync, Pass-the-Hash, Golden Ticket | Full Penetration Testing Methodology by Abdullah

Active Directory detection engineering — Kerberoasting, DCSync, Golden Ticket, AS-REP Roasting via Sentinel KQL