Jackdaw - Tool To Collect All Information In Your Domain

Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each other and how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking project by storing/looking up/reporting hashes/passwords/users. Example commands of Jackdaw Most of these commands are available already from the webapi, except for the database init. DB init jackdaw --sql sqlite:///<full path here>/test.db dbinit Enumeration Full enumeration with integrated sspi - windows only jackdaw --sql sqlite:///test.db enum 'ldap+sspi://10.10.10.2' 'smb+sspi-ntlm://10.10.10.2' Full enumeration with username and password - platform-independent The password is Passw0rd! jackdaw --sql sqlite:///test.db enum 'ldap://TEST\victim:[email protected]' 'smb+ntlm-password://TEST\victim:[email protected]' LDAP-only enumeration with username and password - platform-independent The password is Passw0rd! jackdaw --sql sqlite:///test.db ldap 'ldap://TEST\victim:[email protected]' Start an interactive web interface to plot graph and access additional features jackdaw --sql sqlite:///<FULL PATH....