rusthound_ce/lib.rs
1//! <p align="center">
2//! <picture>
3//! <source media="(prefers-color-scheme: dark)" srcset="https://github.com/g0h4n/RustHound-CE/raw/main/img/rusthoundce-transparent-dark-theme.png">
4//! <source media="(prefers-color-scheme: light)" srcset="https://github.com/g0h4n/RustHound-CE/raw/main/img/rusthoundce-transparent-light-theme.png">
5//! <img src="https://github.com/g0h4n/RustHound-CE/raw/main/img/rusthoundce-transparent-dark-theme.png" alt="rusthound-ce logo" width='250' />
6//! </picture>
7//! </p>
8//! <hr />
9//!
10//! RustHound-CE is a cross-platform, cross-compiled BloodHound collector written in Rust and compatible with Linux, Windows, and macOS. It generates all the JSON files that BloodHound Community Edition can analyze. This version is only compatible with [BloodHound Community Edition](https://github.com/SpecterOps/BloodHound); the version compatible with [BloodHound Legacy](https://github.com/BloodHoundAD/BloodHound) can be found on [NeverHack's GitHub](https://github.com/NH-RED-TEAM/RustHound).
11//!
12//!
13//! You can either run the binary:
14//! ```ignore
15//! ---------------------------------------------------
16//! Initializing RustHound-CE at 13:37:00 UTC on 01/12/23
17//! Powered by @g0h4n_0
18//! ---------------------------------------------------
19//!
20//! Active Directory data collector for BloodHound Community Edition.
21//! g0h4n <https://twitter.com/g0h4n_0>
22//!
23//! Usage: rusthound-ce [OPTIONS] --domain <domain>
24//!
25//! Options:
26//! -v... Set the level of verbosity
27//! -h, --help Print help
28//! -V, --version Print version
29//!
30//! REQUIRED VALUES:
31//! -d, --domain <domain> Domain name like: DOMAIN.LOCAL
32//!
33//! OPTIONAL VALUES:
34//! -u, --ldapusername <ldapusername> LDAP username, like: user@domain.local
35//! -p, --ldappassword <ldappassword> LDAP password
36//! -f, --ldapfqdn <ldapfqdn> Domain Controller FQDN like: DC01.DOMAIN.LOCAL or just DC01
37//! -i, --ldapip <ldapip> Domain Controller IP address like: 192.168.1.10
38//! -P, --ldapport <ldapport> LDAP port [default: 389]
39//! -n, --name-server <name-server> Alternative IP address name server to use for DNS queries
40//! -o, --output <output> Output directory where you would like to save JSON files [default: ./]
41//!
42//! OPTIONAL FLAGS:
43//! -c, --collectionmethod [<COLLECTIONMETHOD>]
44//! Which information to collect. Supported: All (LDAP,SMB,HTTP requests), DCOnly (no computer connections, only LDAP requests). (default: All) [possible values: All, DCOnly]
45//! --ldap-filter <ldap-filter>
46//! Use custom ldap-filter default is : (objectClass=*)
47//! --ldaps
48//! Force LDAPS using for request like: ldaps://DOMAIN.LOCAL/
49//! -k, --kerberos
50//! Use Kerberos authentication. Grabs credentials from ccache file (KRB5CCNAME) based on target parameters for Linux.
51//! --dns-tcp
52//! Use TCP instead of UDP for DNS queries
53//! -z, --zip
54//! Compress the JSON files into a zip archive
55//! --cache
56//! Cache LDAP search results to disk (reduce memory usage on large domains)
57//! --cache-buffer <cache_buffer>
58//! Buffer size to use when caching [default: 1000]
59//! --resume
60//! Resume the collection from the last saved state
61//!
62//! OPTIONAL MODULES:
63//! --fqdn-resolver Use fqdn-resolver module to get computers IP address
64//! ```
65//!
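66//! Or build your own collector on top of the `ldap_search()` function. The example below is marked `ignore`, so rustdoc does not compile it; treat its values as placeholders (for instance, LDAPS normally listens on port 636):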
67//! ```ignore
68//! # use rusthound::ldap::ldap_search;
69//! # let ldaps = true;
70//! # let ip = Some("127.0.0.1");
71//! # let port = Some(676);
72//! # let domain = "DOMAIN.COM";
73//! # let ldapfqdn = "ad1.domain.com";
74//! # let username = Some("user");
75//! # let password = Some("pwd");
76//! # let kerberos= false;
77//! let result = ldap_search(
78//! &ldaps,
79//! &Some(ip),
80//! &Some(port),
81//! &domain,
82//! &ldapfqdn,
83//! &username,
84//! &password,
85//! kerberos,
86//! );
87//! ```
88//!
89pub mod args;
90pub mod banner;
91pub mod ldap;
92pub mod utils;
93
94pub mod enums;
95pub mod json;
96pub mod objects;
97pub (crate) mod storage; // crate-private; Storage, EntrySource, DiskStorage and DiskStorageReader are re-exported below
98
99pub (crate) mod api; // crate-private; prepare_results_from_source is re-exported below
100
101extern crate bitflags;
102extern crate chrono;
103extern crate regex;
104
105// Re-export key functions and structures at the crate root.
106#[doc(inline)] // rustdoc renders the item's documentation at this re-export
107pub use ldap::ldap_search;
108#[doc(inline)]
109pub use ldap3::SearchEntry; // type from the ldap3 crate, exposed through this crate's public API
110
111pub use json::maker::make_result;
112pub use api::prepare_results_from_source; // public path into the crate-private `api` module
113pub use storage::{Storage, EntrySource, DiskStorage, DiskStorageReader}; // public path into the crate-private `storage` module