ntdsxtract
Domain controller extractor
A Python-based tool for extracting and analyzing data from Windows domain controllers to aid in Active Directory forensic investigations
Active Directory forensic framework
321 stars
23 watching
107 forks
Language: Python
last commit: almost 3 years ago
Linked from 1 awesome list
shadawck/awesome-anti-forensicRelated projects:
| Repository | Description | Stars |
|---|---|---|
 unapibageek/ctfr | A tool that exploits Certificate Transparency logs to extract subdomains from HTTPS websites. | 1,977 |
 eldraco/domain_analyzer | An automated security analysis tool for domains | 1,847 |
 diogo-fernan/domfind | A tool to find identical domain names with SOA DNS records under different TLDs | 24 |
 msuhanov/dfir_ntfs | A digital forensics tool for parsing and analyzing NTFS/FAT file systems. | 196 |
 exdx/dcp | A tool that simplifies the process of extracting data from container images onto the local file system | 109 |
 adbedada/ts-raster | Extracts and analyzes time-series characteristics from raster data using Python. | 4 |
 lgandx/pcredz | A tool that extracts various types of credentials and information from network captures or live interfaces. | 2,033 |
 dirkjanm/adconnectdump | A tool suite to extract and decrypt sensitive Azure AD credentials from Azure AD Connect servers | 641 |
 eset-la/lord-of-the-strings | A tool to extract and classify relevant strings from binary files | 9 |
 derekselander/dsdump | A tool for analyzing and extracting information from Mach-O executable files | 1,135 |
 byt3bl33d3r/deathstar | Automates gaining Domain and/or Enterprise Admin rights in Active Directory environments using offensive TTPs | 1,592 |
 darryllane/bluto | Tools for gathering information about and exploiting vulnerabilities in domains | 620 |
 moyix/creddump | Extracts various credentials and secrets from Windows registry hives. | 245 |
 recrm/archivetools | A collection of tools for extracting and analyzing data from web archives | 71 |
 cmu-sei/cyobstract | Extracts structured cyber information from incident reports. | 79 |