{"id":4238,"date":"2021-11-09T04:07:47","date_gmt":"2021-11-09T04:07:47","guid":{"rendered":"https:\/\/www.jameseduard.com\/?p=4238"},"modified":"2021-11-09T04:07:47","modified_gmt":"2021-11-09T04:07:47","slug":"ldap-monitor-monitor-creation-deletion-and-changes-to-ldap-objects","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=4238","title":{"rendered":"LDAP Monitor = Monitor creation, deletion and changes to LDAP objects"},"content":{"rendered":"

[vc_row][vc_column][vc_column_text]<\/p>\n

LDAP Monitor<\/h1>\n

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!<\/p>\n

With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object.<\/p>\n

\"\"<\/a><\/p>\n

<\/a>Features<\/h2>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Feature<\/th>\nPython (.py)<\/a><\/th>\nCSharp (.exe)<\/a><\/th>\nPowershell (.ps1)<\/a><\/th>\n<\/tr>\n<\/thead>\n
LDAPS support<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Random delay in seconds between queries<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Custom delay in seconds between queries<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Save output to logfile<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Colored or not colored output with\u00a0--no-colors<\/code><\/td>\n✔️<\/td>\n❌<\/td>\n❌<\/td>\n<\/tr>\n
Custom page size for paged queries<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Authenticate with user and password<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Authenticate as current shell user<\/td>\n❌<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n
Authenticate with LM:NT hashes<\/td>\n✔️<\/td>\n❌<\/td>\n❌<\/td>\n<\/tr>\n
Authenticate with kerberos tickets<\/td>\n✔️<\/td>\n❌<\/td>\n❌<\/td>\n<\/tr>\n
Option to ignore user logon events<\/td>\n✔️<\/td>\n✔️<\/td>\n✔️<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Demonstration<\/h2>\n