Invoke-ADEnum is an auditing and enumeration tool designed to automate the collection of information from an Active Directory environment.
One of the features of Invoke-ADEnum is its ability to generate an Active Directory Audit Report in HTML format. Whether performing security assessments, compliance audits, or general Active Directory enumeration tasks, the report will provide a detailed overview of the Active Directory infrastructure in an easy-to-navigate layout.
HTML Example_Report generated by Invoke-ADEnum: https://leo4j.github.io/Invoke-ADEnum/
NOTE: By clicking on the tables' titles, you can generate and download a CSV version of the results. Additionally, you have the option to export the entire HTML report in XLSX format by clicking on "Active Directory Audit" at the top of the page. The XLSX export will include a separate sheet for each table of findings.
If you find Invoke-ADEnum valuable and use it in your work, please consider giving it a star. Your support motivates me to continue improving and maintaining this project
Load the script in memory:
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Invoke-ADEnum/main/Invoke-ADEnum.ps1')
Help page:
Invoke-ADEnum -Help
Check your targets first, and make sure you stay in scope
Invoke-ADEnum -TargetsOnly
Specify a single domain to enumerate and a DC to bind to
Invoke-ADEnum -Domain contoso.local -Server DC01.contoso.local
Exclude out-of-scope domains
Invoke-ADEnum -Exclude "contoso.local,domain.local"
Local Admin Access, RBCD, User-Created Objects, abusable GPOs, and descriptions
Invoke-ADEnum -FindLocalAdminAccess -RBCD -UserCreatedObjects -GPOsRights -MoreGPOs -AllDescriptions
Avoid enumeration that runs port-scanning, DNS resolution, and suspicious checks
Invoke-ADEnum -OPSec -RBCD -UserCreatedObjects -GPOsRights -MoreGPOs -AllDescriptions
Run all available checks that Invoke-ADEnum can perform. It can be very time-consuming, especially in large domains.
Invoke-ADEnum -AllEnum -Force
The script does not record, change, or interfere with anything in your environment.
It does not collect or transmit any information. Nothing is sent over the internet. It runs completely offline.
The only file it creates is a single HTML report, saved in the current working directory (if writable) or in C:\Users\Public\Documents.
It does not need to run on a Domain Controller. You can run it from any machine (like a workstation) as long as it is domain-joined.
It runs fully under a standard domain user account. It does not require elevated domain rights or local admin permissions.
Finally, the following two JavaScript libraries are embedded in the script so it can run offline. They’re used to generate an HTML file and an Excel spreadsheet.
Invoke-ADEnum is intended exclusively for research, education, and authorised testing. Its purpose is to assist professionals and researchers in identifying misconfigurations and enhancing system security.
Users must secure explicit, mutual consent from all parties involved before utilising this tool on any system, network, or digital environment, as unauthorised activities can lead to serious legal consequences. Users are responsible for adhering to all applicable laws and regulations related to cybersecurity and digital access.
The creator of Invoke-ADEnum disclaims liability for any misuse or illicit use of the tool and is not responsible for any resulting damages or losses.
