Invoke-ADEnum: Automate Active Directory Enumeration

by ddos · June 25, 2024

Invoke-ADEnum

Invoke-ADEnum is an enumeration tool designed to automate the process of gathering information from an Active Directory environment.

With Invoke-ADEnum, you can enumerate various aspects of Active Directory, including forests, domains, trusts, domain controllers, users, groups, computers, shares, subnets, ACLs, OUs, GPOs, and more.

One of the features of Invoke-ADEnum is its ability to generate an Active Directory Audit Report in HTML format. Whether performing security assessments, compliance audits, or general Active Directory enumeration tasks, the report will provide a detailed overview of the Active Directory infrastructure in an easy-to-navigate layout, as well as recommendations to remediate findings.

NOTE: By clicking on the tables’ titles, you can generate and download a CSV version of the results. Additionally, you have the option to export the entire HTML report in XLSX format by clicking on “Active Directory Audit” at the top of the page. The XLSX export will include a separate sheet for each table of findings.

Use

Load the script in memory:

iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Invoke-ADEnum/main/Invoke-ADEnum.ps1')

Help page:

Invoke-ADEnum -Help

Check your targets first, and make sure you stay in scope

Invoke-ADEnum -TargetsOnly

Recommended Coverage

Invoke-ADEnum -Recommended -SprayEmptyPasswords

Specify a single domain to enumerate and a DC to bind to

Invoke-ADEnum -Domain contoso.local -Server DC01.contoso.local

Exclude out-of-scope domains

Invoke-ADEnum -Exclude "contoso.local,domain.local"

Full Coverage (may take a long time depending on domain size)

Invoke-ADEnum -AllEnum -Force

Source: https://github.com/Leo4j/

Invoke-ADEnum: Automate Active Directory Enumeration

Search

Brilliantly

Content & Links