Tag: Microsoft Active Directory

  • KnowsMore: swiss army knife tool for pentesting Microsoft Active Directory

    KnowsMore

    KnowsMore is a Swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS, and DCSync).

    Main features

    • Import NTLM hashes from .ntds output txt file (generated by CrackMapExec or secretsdump.py)
    • Import NTLM hashes from NTDS.dit and SYSTEM
    • Import cracked NTLM hashes from hashcat output file
    • Import BloodHound ZIP or JSON file
    • BloodHound importer (import JSON to Neo4J without BloodHound UI)
    • Analyse the quality of passwords (length, lower case, upper case, digit, special and Latin)
    • Analyse the similarity of passwords with company and user name
    • Search for users, passwords, and hashes
    • Export all cracked credentials directly to the BloodHound Neo4j database as ‘owned object’
    • Other amazing features…

    Install

    pip3 install --upgrade knowsmore

    Use

     

    Execution Flow

    There is no required order for importing data, but to get better data correlation we suggest the following execution flow:

    1. Create database file
    2. Import BloodHound files
      1. Domains
      2. GPOs
      3. OUs
      4. Groups
      5. Computers
      6. Users
    3. Import NTDS file
    4. Import cracked hashes

    Tutorial

    Copyright (C) 2023 helviojunior

  • knowsmore: A swiss army knife tool for pentesting Microsoft Active Directory

    Knows More

    KnowsMore is a Swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS, and DCSync).

    Main features

    • Import NTLM hashes from .ntds output txt file (generated by CrackMapExec or secretsdump.py)
    • Import NTLM hashes from NTDS.dit and SYSTEM
    • Import cracked NTLM hashes from hashcat output file
    • Import BloodHound ZIP or JSON file
    • BloodHound importer (import JSON to Neo4J without BloodHound UI)
    • Analyse the quality of passwords (length, lower case, upper case, digit, special and Latin)
    • Analyse the similarity of passwords with company and user name
    • Search for users, passwords, and hashes
    • Export all cracked credentials directly to the BloodHound Neo4j database as ‘owned object’
    • Other amazing features…

    Execution Flow

    There is no required order for importing data, but to get better data correlation we suggest the following execution flow:

    1. Create database file
    2. Import BloodHound files
      1. Domains
      2. GPOs
      3. OUs
      4. Groups
      5. Computers
      6. Users
    3. Import NTDS file
    4. Import cracked hashes

    Install & Use