
RustHound is a cross-platform and cross-compiled BloodHound collector tool, written in Rust. RustHound generates users, groups, computers, ous, gpos, containers and domains JSON files for analysis with the BloodHound application.

You can either run the binary:

---------------------------------------------------
Initializing RustHound at 13:37:00 UTC on 10/04/22
Powered by g0h4n from OpenCyber
---------------------------------------------------

RustHound
g0h4n https://twitter.com/g0h4n_0
Active Directory data collector for BloodHound.

USAGE:
    rusthound [FLAGS] [OPTIONS] --domain <domain>

FLAGS:
        --dns-tcp          Use TCP instead of UDP for DNS queries
        --fqdn-resolver    [MODULE] Use fqdn-resolver module to get computers IP address
    -h, --help             Prints help information
        --ldaps            Prepare ldaps request. Like ldaps://G0H4N.LAB/
    -v                     Sets the level of verbosity
    -V, --version          Prints version information
    -z, --zip              RustHound will compress the JSON files into a zip archive (doesn't work with Windows)

OPTIONS:
    -d, --domain <domain>                Domain name like: G0H4N.LAB
    -f, --ldapfqdn <ldapfqdn>            Domain Controler FQDN like: DC01.G0H4N.LAB
    -i, --ldapip <ldapip>                Domain Controller IP address
    -p, --ldappassword <ldappassword>    Ldap password to use
    -P, --ldapport <ldapport>            Ldap port, default is 389
    -u, --ldapusername <ldapusername>    Ldap username to use
    -n, --name-server <name-server>      Alternative IP address name server to use for queries
    -o, --dirpath <path>                 Path where you would like to save json files

Or build your own using the ldap_search() function:

let result = ldap_search(
   &ldaps,
   &ip,
   &port,
   &domain,
   &ldapfqdn,
   &username,
   &password,
);

Here is an example of how to use rusthound: demo

Modules

Parsing arguments
Launch and end banners
Utils to extract data from ldap network packets
Error management
Utils to parse json output from ldap library
Run an LDAP enumeration and parse the results
List of RustHound add-on modules

Structs

RustHound error type
Parsed search result entry.

Functions

Function to request all AD values.