/bloodyAD

BloodyAD is an Active Directory Privilege Escalation Framework

Primary LanguagePythonMIT LicenseMIT

⚠️ autobloody has been moved to its own repo

bloodyAD logo bloodyAD

bloodyAD is an Active Directory privilege escalation swiss army knife

Description

This tool can perform specific LDAP calls to a domain controller in order to perform AD privesc.

bloodyAD supports authentication using cleartext passwords, pass-the-hash, pass-the-ticket or certificates and binds to LDAP services of a domain controller to perform AD privesc.

Exchange of sensitive information without LDAPS is supported.

It is also designed to be used transparently with a SOCKS proxy.

Simple usage:

bloodyAD --host 172.16.1.15 -d bloody.local -u jane.doe -p :70016778cb0524c799ac25b439bd6a31 set password john.doe 'Password123!'

See the wiki for more.

Support

Like this project? Donations are greatly appreciated ☺️

Need personalized support? send me an email for trainings or custom features.

Acknowledgements