During internal assessments or red team engagements, identifying misconfigured shares in an Active Directory environment is a key step for privilege escalation and lateral movement. Thatβs why I built ADShareEnum, a Dockerized, interactive enumeration script that streamlines the process of scanning for READ/WRITE shares across domain machines.
π§ ADShareEnum combines several great tools under the hood:
π§° Impacket for Kerberos ticket generation and AD enumeration
π§° NetExec (successor of CrackMapExec) for SMB share scanning
π³ All wrapped inside a Docker container for portability and ease of use
π― Key Features:
Supports both Kerberos-based and username/password authentication
Automatically retrieves AD computers, splits enumeration to chunks
Scans for READ/WRITE SMB shares (excluding default shares)
Results served through a built-in web server
Colorful and interactive CLI using figlet and lolcat π
π¦ Setup is simple:
Just clone the repo, build the image, and run the container:
git clone https://github.com/lucsemassa/ad_share_enum
cd ad_share_enum
sudo docker build -t adshareenum .
sudo docker run –rm -it -p 7070:7070 adshareenum
πΎ The output file will be available at http://localhost:7070.
Check it out on GitHub π https://github.com/lucsemassa/ad_share_enum
Feel free to contribute, suggest improvements, or just try it on your lab!
Happy hunting! π΅οΈββοΈ
#ADShareEnum #pentesttools #cybersecurity #infosec #docker #redteam