Active Directory Enumeration Script

AD Enumeration — Pure PowerShell

Enumeration script for Active Directory that no requires RSAT, BloodHound nor modules additional:

n
• User enumeration — Lista all the users with atributos key: lastLogon, pwdLastSet, memberOf, description (where a menudo there is passwords).
n
• Group mapping — Mapea memberships recursivas of Domain Admins, Enterprise Admins, and grupos privilegiados custom.
n
• GPO analysis — Extrae GPOs with scripts of logon, preferencias of grupo (cpassword), and configurestions of security.
n
• ACL audit — Identifica ACEs peligrosas: GenericAll, WriteDacl, WriteOwner, ForceChangePassword on objetos sensibles.
n
• SPN enumeration — Lista Service Principal Names for Kerberoasting targets.
n
• Trust mapping — Enumera domain trusts, forest trusts, and its address/type.
n
• Output — JSON structured importsble in BloodHound or processesble with jq.
n