Track Common Adversary Tasks Performed Using AdFind
To know more about it, you can go through my detailed document by clicking here
Overview
AdFind is a command-line Active Directory query tool that combines the functionality of tools like dsquery, dsget, ldp, etc., along with some other nice features. Although it is generally used for legitimate purposes, threat actors can also use it for post-exploitation Active Directory reconnaissance.
Features
Some of the salient features of AdFind are as follows:
- Flawless listing - It lists all the commands that can be executed, with the supported parameters, when the program is launched, and you can easily work with it according to the security measures of the Active Directory.
- Various Options Presented - The output options include parameters for the objects' list count or the objects' names, while extended documentation can be accessed directly from the console.
- Simple & Straightforward AD Query Tool - Although AdFind is not the most reliable tool for Active Directory, it contains a variety of options and documentation for an experienced user to make the most of it with little effort.
Conclusion
Hence, AdFind is a console-based query tool that generally does not require any installation, which can be a little difficult for some users, but it still contains a sea of options that can help users to some extent. As it can also be used by threat actors, system processes should be monitored regularly to look out for any malicious activity.
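One way to do the process monitoring recommended above, as an added example that is not part of the original post: a Python triage pass over process-creation records that tags AdFind-style command lines by reconnaissance task and groups them per host and user. The sample events, task labels, field names and the burst threshold are constructed assumptions; the patterns rely on AdFind's -f, -sc and -subnets switches.

```python
import re
from collections import defaultdict

# Assumption: patterns are built on AdFind's -f (LDAP filter), -sc (shortcut)
# and -subnets switches; the task labels are illustrative names.
RECON_PATTERNS = {
    "user enumeration": re.compile(r"objectcategory\s*=\s*(person|user)", re.I),
    "computer enumeration": re.compile(r"objectcategory\s*=\s*computer", re.I),
    "group enumeration": re.compile(r"objectcategory\s*=\s*group", re.I),
    "OU enumeration": re.compile(r"objectcategory\s*=\s*organizationalunit", re.I),
    "subnet enumeration": re.compile(r"(^|\s)-subnets\b|objectcategory\s*=\s*subnet", re.I),
    "trust enumeration": re.compile(r"(^|\s)-sc\s+trustdmp\b", re.I),
}

SAMPLE_EVENTS = [  # constructed process-creation records, not real telemetry
    {"host": "WS01", "user": "CORP\\jdoe", "cmd": r'C:\Users\Public\adfind.exe -f "(objectcategory=person)"'},
    {"host": "WS01", "user": "CORP\\jdoe", "cmd": r'adfind.exe -f "objectcategory=computer"'},
    {"host": "WS01", "user": "CORP\\jdoe", "cmd": r"adfind.exe -sc trustdmp"},
    {"host": "WS01", "user": "CORP\\jdoe", "cmd": r"C:\Users\Public\af.exe -subnets -f (objectCategory=subnet)"},
    {"host": "DC01", "user": "CORP\\admin1", "cmd": r'"C:\Tools\AdFind.exe" -sc dclist'},
    {"host": "WS02", "user": "CORP\\asmith", "cmd": r"C:\Windows\System32\notepad.exe notes.txt"},
]

def image_name(command_line):
    """Lower-cased file name of the first token, quoted or not."""
    m = re.match(r'\s*(?:"([^"]+)"|(\S+))', command_line)
    return re.split(r"[\\/]", m.group(1) or m.group(2))[-1].lower() if m else ""

def classify(command_line):
    """Return (image is named adfind, sorted recon tasks seen in the arguments)."""
    tasks = sorted(t for t, rx in RECON_PATTERNS.items() if rx.search(command_line))
    return image_name(command_line) in ("adfind.exe", "adfind"), tasks

def triage(events, burst_threshold=3):
    """Group hits per (host, user); several distinct tasks from one actor rank high."""
    per_actor = defaultdict(lambda: {"runs": 0, "tasks": set()})
    for ev in events:
        named, tasks = classify(ev["cmd"])
        if named or tasks:  # arguments alone also catch a copy under another name
            per_actor[(ev["host"], ev["user"])]["runs"] += 1
            per_actor[(ev["host"], ev["user"])]["tasks"].update(tasks)
    return {actor: {"runs": e["runs"], "tasks": sorted(e["tasks"]),
                    "severity": "high" if len(e["tasks"]) >= burst_threshold else "review"}
            for actor, e in per_actor.items()}

if __name__ == "__main__":
    for actor, finding in triage(SAMPLE_EVENTS).items():
        print(actor, finding)
```

A single run by an administrator lands in "review", while one account walking through users, computers, trusts and subnets on the same host is ranked "high".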