Hasty Briefsbeta

GriffonAD: A new tool to exploit bad configurations in Active Directory

6 hours ago
https://github.com/shellinvictus/GriffonAD
Copy Link
  • #Active Directory
  • #Penetration Testing
  • #Security Tool
  • Griffon is a tool for exploiting misconfigurations in Active Directory using Bloodhound JSON files.
  • It generates commands for users to execute, with full control and customization over modifications.
  • Supports various scenarios and can be tested on a vulnerable AD lab setup.
  • Includes features like filtering targets, displaying groups and OUs, and visualizing object relations.
  • Can retrieve SYSVOL data and supports multiple target types based on user rights.
  • Handles secrets in a specific format and warns about overwriting multiple secrets for a user.
  • Offers multiple options for testing paths from different users or vulnerabilities.
  • Includes several auxiliary tools for modifying LDAP attributes, SPNs, and more.
  • Configurable via config.ml, allowing users to set scenario priorities and conditional predicates.
  • Performance metrics: fast parsing and analysis, low memory usage, but slow JS graph with random permissions.
  • Built with dependencies like Impacket and integrates tools like gMSADumper and aesKrbKeyGen.
  • Disclaimer: Intended for educational or research purposes only.
AboutLogin