Giter Site home page Giter Site logo

mikhailrootdso / pentestui Goto Github PK

View Code? Open in Web Editor NEW

This project forked from mustgundogdu/pentestui

0.0 0.0 0.0 12.71 MB

Active Directory Penetration Testing Tool

License: Apache License 2.0

Shell 0.06% JavaScript 1.98% Python 50.31% CSS 42.50% HTML 5.15%

pentestui's Introduction

Pentest User Interface (PentestUI)

Pentest User Interface (PentestUI) is an automated web interface with Django for some Active Directory enumeration methods and attacks.Also you can access again result to performed enumeration methods or attacks on Active Directory structure.

Instalation

$ sudo apt-get update

<Postgresql Installation>: https://www.postgresql.org/download/

$ sudo apt-get install python3-pip

โš ๏ธ If not installed libpq-dev Please:

$ sudo apt-get install libpq-dev

$ sudo pip3 install -r requirements.txt

$ sudo bash install.sh

$ sudo python3 manage.py runserver 0.0.0.0:8000

Features & Usage

Feature List

  • SPN User Enumeration

List Service Principal Name (SPN) users in Active Directory domain structrue.

  • Domain Admin user Enumeration

List users of admin authority in Active Directory domain structrue.

  • DFS Enumeration

List Distributed File System Shares(DFS) Enumeration in Domain.

  • DNS Zone Enumeration

Display DNS Zone in Domain structure.

  • Sensitive Data Search

Search sensitive Data in Active Directory domain structure.

  • DC Enumeration

List Domain Controllers(DC) in Active Directory domain structure.

  • Pre-Auth users Enumeration

List Kerberos pre-authentication users in Active Directory domain structure.

  • As-Rep Roasting Attack

  • Password Spray Attack

  • Kerberoasting Attack

USAGE

Application Lab Information

Attack Usage - Kerberoasting Attack

Attack Usage - As-rep Roasting

Attack Usage - Password-Spray Attack

References

https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat

https://docs.microsoft.com/en-us/windows-server/networking/sdn/security/kerberos-with-spn

https://docs.microsoft.com/en-us/windows/win32/dfs/distributed-file-system-dfs-functions

https://ldap3.readthedocs.io/en/latest/tutorial_searches.html

https://enesergun.net/as-rep-roasting-saldirisi-saldiriyi-anlamak-ve-tespiti.html

https://github.com/SecureAuthCorp/impacket

https://ldap3.readthedocs.io/en/latest/

pentestui's People

Contributors

mustgundogdu avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.