Windapsearch
windapsearch
is a Python script to help enumerate users, groups and computers from a Windows domain through LDAP queries. By default, Windows Domain Controllers support basic LDAP operations through port 389/tcp. With any valid domain account (regardless of privileges), it is possible to perform LDAP queries against a domain controller for any AD related information. https://github.com/ropnop/windapsearch
Windapsearch - Domain Admins
python3 windapsearch.py --dc-ip $DC_IP -u $USER@$DOMAIN -p $PASS --da
python3 windapsearch.py --dc-ip 172.16.5.5 -u forend@INLANEFREIGHT.LOCAL -p Klmcargo2 --da