ADtool is a neat tool to help you list all the machines that are part of an Active Directory driven domain or network.
It is intended to help pentesters and admins in their day to day work, there are some other tools that can accomplish the work for listing domain servers, but unfortunately all other tools are GUI based, which makes it difficult to script actions based on the ouput and is difficult to export a list of machines.
So this tool is for the work day to day, when you need to get a simple and easy to use list of all machines in a domain.
ADtool doesn’t need any special membership, or user in the desired domain, just be connected on the same network, and information will come to you!.
1 |
Usage example. ADtool.exe domain -parameters [-o:file.txt] |
1 |
Usage example. ADtool.exe mydomain -vwSDmn [-o:listing.txt] |
You can download ADTool here:
Sir Henry says
Only problem with this executable is that it doesn’t parse hyphenated domains correctly resulting in a runtime error. Other than that, this is cool. Thanks!
Darknet says
Sir Henry: Ah that’s interesting, I’ll try and let author know and see if he can come out with a fix.
Anonymous reader says
csvde.exe – a tool that comes with Microsoft AD administration pack, ADAM – will do this as well. In fact, it will return any object class, users included.
Venkatesh Selvaraju says
“net view” one other built-in utility which should let you lists all computer accounts part of a domain.
Syntax: net view /domain:domainname
E.g: net view /domain:darket.corp.com