Introducing ADShareEnum β€” Dockerized Active Directory Share Enumeration

During internal assessments or red team engagements, identifying misconfigured shares in an Active Directory environment is a key step for privilege escalation and lateral movement. That’s why I built ADShareEnum, a Dockerized, interactive enumeration script that streamlines the process of scanning for READ/WRITE shares across domain machines.

πŸ”§ ADShareEnum combines several great tools under the hood:

🧰 Impacket for Kerberos ticket generation and AD enumeration

🧰 NetExec (successor of CrackMapExec) for SMB share scanning

🐳 All wrapped inside a Docker container for portability and ease of use

🎯 Key Features:

Supports both Kerberos-based and username/password authentication

Automatically retrieves AD computers, splits enumeration to chunks

Scans for READ/WRITE SMB shares (excluding default shares)

Results served through a built-in web server

Colorful and interactive CLI using figlet and lolcat πŸ˜„

πŸ“¦ Setup is simple:

Just clone the repo, build the image, and run the container:

git clone https://github.com/lucsemassa/ad_share_enum
cd ad_share_enum
sudo docker build -t adshareenum .
sudo docker run –rm -it -p 7070:7070 adshareenum

πŸ’Ύ The output file will be available at http://localhost:7070.

Check it out on GitHub πŸ‘‰ https://github.com/lucsemassa/ad_share_enum
Feel free to contribute, suggest improvements, or just try it on your lab!

Happy hunting! πŸ•΅οΈβ€β™‚οΈ
#ADShareEnum #pentesttools #cybersecurity #infosec #docker #redteam

Share this post

About the author

AdminStar@

Offensive Security Experienced Penetration Tester (OSEP)
Offensive Security Web Expert (OSWE)
Offensive Security Certified Professional (OSCP)
Certified Soc Analyst (CSA)
Certified Ethical Hacker (CEH)
Web Developer

View all posts

Leave a Reply

Your email address will not be published. Required fields are marked *