ADExplorerSnapshot.py icon indicating copy to clipboard operation
ADExplorerSnapshot.py copied to clipboard

Published 20 hours ago verified publisher icon c3c

Allow other parsers

Open AdrianVollmer opened this issue 1 year ago • 2 comments

Hi,

I forked ADExplorerSnapshot because much of the code is reusable to parse other files such as LDIF files, but replacing the parsing class is not straight forward. I use this fork as a dependency here. If you choose to merge this simple change, I could delete the fork and avoid useless redundancy. Perhaps in the future even more file formats could be parsed and converted to BloodHound data, for example the ntds.dit.

What do you think?

AdrianVollmer avatar May 30 '23 07:05 AdrianVollmer

In general i think making it more generic to allow different parsers is a great idea. Will merge after I’ve implemented tox tests.

c3c avatar Jun 05 '23 18:06 c3c

Oh and really cool idea to have LDIF support! Now we just need the other way around… snapshot to LDIF to an external LDAP server and then run tooling (bloodhound/pingcastle/etc) against it :)

c3c avatar Jun 05 '23 19:06 c3c