>_ shadow.red
notatki-hakera.pl YouTube CTF Solutions Channel ☕ Buy me a coffee
~ / Active Directory / SPN Enumeration

SPN Enumeration

Active Directory AD Enumeration windows linux

Native Windows

setspn -L iis_service

PowerView

Get-NetUser -SPN | select samaccountname,serviceprincipalname
Get-DomainUser -SPN | name, serviceprincipalname

Remote (Linux)

sudo python3 windapsearch.py --dc-ip 192.168.192.142 --user-spns