nxc-ldap
netExec LDAP module
TLDR
Authenticate to LDAP
$ nxc ldap [target] -u [user] -p [password]
Enumerate users$ nxc ldap [target] -u [user] -p [password] --users
Enumerate groups$ nxc ldap [target] -u [user] -p [password] --groups
Kerberoasting$ nxc ldap [target] -u [user] -p [password] --kerberoasting [output.txt]
AS-REP roasting$ nxc ldap [target] -u [user] -p [password] --asreproast [output.txt]
SYNOPSIS
nxc ldap [target] [options]
DESCRIPTION
nxc ldap is the NetExec LDAP module. Tests Active Directory via LDAP.
The tool enumerates and attacks AD. Used for domain penetration testing.
PARAMETERS
TARGET
Domain controller address.-u USER
Username.-p PASSWORD
Password.--users
Enumerate domain users.--groups
Enumerate domain groups.--kerberoasting FILE
Dump Kerberos hashes.--asreproast FILE
AS-REP roasting attack.--help
Display help information.
CAVEATS
Security tool. Authorized use only. Targets Active Directory.
HISTORY
nxc ldap provides Active Directory penetration testing via LDAP protocol.
SEE ALSO
nxc(1), ldapsearch(1), bloodhound(1)