SoaPy
SoaPy is a Proof of Concept (PoC) tool designed for offensive interactions with Active Directory Web Services (ADWS) from Linux systems. It allows security professionals to perform stealthy enumeration and targeted exploitation on Active Directory environments.
Key Features:
- Custom Python Implementations: Implements Microsoft protocols like NNS, NMF, and NBFSE for ADWS interaction.
- Stealthy Enumeration: Conduct reconnaissance over a proxy into internal Active Directory environments.
- Targeted Exploitation:
- ServicePrincipalName writing for Kerberoasting.
- DON’T_REQ_PREAUTH flag manipulation for ASREP-Roasting.
- Write to msDs-AllowedToActOnBehalfOfOtherIdentity for Resource-Based Constrained Delegation attacks.
Benefits:
- Flexibility and Control: Offers a range of options for enumerating LDAP objects and writing certain attributes.
- Comprehensive Tools: Includes commands for user, computer, and group enumeration, along with advanced operations for targeted attacks.
Highlights:
- Open-source tool hosted on GitHub, enabling contributions and enhancements from the community.
- Focused on enabling security audits and penetration testing efforts against ADWS.