Active Directory

CrackMapExec

Swiss-army knife for AD network post-exploitation.

adsmb

crackmapexec — terminal

$ crackmapexec smb 10.0.0.0/24 -u user -p Pass123

What it does

CrackMapExec automates enumeration and attacks across SMB, WinRM, MSSQL, and LDAP at scale — spraying credentials, dumping hashes, and executing commands. It's a staple of internal Active Directory assessments.

Source

https://github.com/Porchetta-Industries/CrackMapExec ↗

More Active Directory tools

ImpacketPython toolkit of network-protocol scripts.GetNPUsers.pyAS-REP roasting via Impacket.enum4linux-ngSMB and Windows enumeration.LDAPDomainDumpDump Active Directory contents via LDAP.

Need hosted scanning instead of local tooling?

Run a scan in the browser →