diego 0.1.2

Pure Rust Active Directory security diagnostic agent. AS-REP Roasting, Kerberoasting, LDAP enumeration, OPSEC-friendly with Claude API analysis and MCP server mode.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

pub mod kerberos;
pub mod ldap;
pub mod passive;

use async_trait::async_trait;
use std::sync::Arc;

use crate::config::Config;
use crate::report::Finding;

#[async_trait]
pub trait DiagnosticModule: Send + Sync {
    fn name(&self) -> &'static str;
    async fn run(&self, config: Arc<Config>) -> anyhow::Result<Vec<Finding>>;
}

/// Data extracted by LdapModule and passed to KerberosModule
#[derive(Debug, Clone)]
pub struct LdapContext {
    pub asrep_candidates: Vec<String>,
    pub spn_accounts: Vec<SpnAccount>,
}

#[derive(Debug, Clone)]
pub struct SpnAccount {
    pub sam_name: String,
    pub spns: Vec<String>,
    /// msDS-SupportedEncryptionTypes bitmask (0 = unknown/legacy = RC4 ok)
    pub supported_enc_types: u32,
}