//! <p align="center">
//!     <picture>
//!         <img src="https://github.com/g0h4n/RustHound-CE/raw/main/img/rusthoundce-transparent-dark-theme.png" alt="rusthound-ce logo" width='250' />
//!     </picture>
//! </p>
//! <hr />
//!
//! RustHound-CE is a cross-platform, cross-compiled BloodHound collector written in Rust, which makes it compatible with Linux, Windows, and macOS. It generates all the JSON files that BloodHound Community Edition can analyze. This version is only compatible with [BloodHound Community Edition](https://github.com/SpecterOps/BloodHound). The version compatible with [BloodHound Legacy](https://github.com/BloodHoundAD/BloodHound) can be found on [NeverHack's GitHub](https://github.com/NH-RED-TEAM/RustHound).
//!
//!
//! You can either run the binary:
//! ```ignore
//! ---------------------------------------------------
//! Initializing RustHound-CE at 13:37:00 UTC on 01/12/23
//! Powered by g0h4n from OpenCyber | NH-RED-TEAM
//! ---------------------------------------------------
//!
//! RustHound-CE
//! g0h4n https://twitter.com/g0h4n_0
//! Active Directory data collector for BloodHound.
//!
//! Usage: rusthound [OPTIONS] --domain <domain>
//!
//! Options:
//!   -v...          Set the level of verbosity
//!   -h, --help     Print help
//!   -V, --version  Print version
//!
//! REQUIRED VALUES:
//!   -d, --domain <domain>  Domain name like: DOMAIN.LOCAL
//!
//! OPTIONAL VALUES:
//!   -u, --ldapusername <ldapusername>  LDAP username, like: user@domain.local
//!   -p, --ldappassword <ldappassword>  LDAP password
//!   -f, --ldapfqdn <ldapfqdn>          Domain Controller FQDN like: DC01.DOMAIN.LOCAL or just DC01
//!   -i, --ldapip <ldapip>              Domain Controller IP address like: 192.168.1.10
//!   -P, --ldapport <ldapport>          LDAP port [default: 389]
//!   -n, --name-server <name-server>    Alternative IP address name server to use for DNS queries
//!   -o, --output <output>              Output directory where you would like to save JSON files [default: ./]
//!
//! OPTIONAL FLAGS:
//!   -c, --collectionmethod [<COLLECTIONMETHOD>]
//!           Which information to collect. Supported: All (LDAP,SMB,HTTP requests), DCOnly (no computer connections, only LDAP requests). (default: All) [possible values: All, DCOnly]
//!       --ldaps
//!           Force LDAPS using for request like: ldaps://DOMAIN.LOCAL/
//!   -k, --kerberos
//!           Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters for Linux.
//!       --dns-tcp
//!           Use TCP instead of UDP for DNS queries
//!       --dc-only
//!           Collects data only from the domain controller. Will not try to retrieve CA security/configuration or check for Web Enrollment
//!   -z, --zip
//!           Compress the JSON files into a zip archive
//!
//! OPTIONAL MODULES:
//!       --fqdn-resolver  Use fqdn-resolver module to get computers IP address
//! ```
//! 
//! Or build your own collector on top of the `ldap_search()` function:
//! 
//! ```ignore
//! # use rusthound::ldap::ldap_search;
//! # let ldaps = true;
//! # let ip = "127.0.0.1".to_owned();
//! # let port = 676;
//! # let domain = "DOMAIN".to_owned();
//! # let ldapfqdn = "domain.com".to_owned();
//! # let username = "user".to_owned();
//! # let password = "pwd".to_owned();
//! # let kerberos = false;
//! let result = ldap_search(
//!     &ldaps,
//!     &Some(ip),
//!     &Some(port),
//!     &domain,
//!     &ldapfqdn,
//!     &username,
//!     &password,
//!     kerberos,
//! );
//! ```
//! 
// Crate modules; every one of them is part of the public API.
pub mod args;
pub mod banner;
pub mod ldap;
pub mod utils;

pub mod enums;
pub mod json;
pub mod objects;

// Explicit `extern crate` declarations for third-party dependencies.
// NOTE(review): these are only required on the 2015 edition; confirm the
// crate's edition before treating them as removable.
extern crate bitflags;
extern crate chrono;
extern crate regex;

// Re-export the key function and structure at the crate root.
// `#[doc(inline)]` asks rustdoc to render the item's documentation at the
// re-export site instead of showing a bare `pub use` line.
#[doc(inline)]
pub use ldap::ldap_search;
// `SearchEntry` is defined in the external `ldap3` crate; presumably it is
// re-exported so callers of `ldap_search` need no direct `ldap3` dependency.
// TODO confirm against the function's return type.
#[doc(inline)]
pub use ldap3::SearchEntry;