-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathshFlags.go
166 lines (160 loc) · 4.88 KB
/
shFlags.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
package main
import "github.com/urfave/cli/v2"
// https://github.com/BloodHoundAD/SharpHound3/blob/32e663cc7a35bebf65b7b72bf2ad26c88e755266/SharpHound3/Options.cs
// https://bloodhound.readthedocs.io/en/latest/data-collection/sharphound-all-flags.html
var (
sharpHoundFlags = []cli.Flag{
&cli.StringFlag{
Name: "CollectionMethod",
Usage: "Specifies the CollectionMethod being used. ",
},
&cli.StringFlag{
Name: "OutputPrefix",
Usage: "Prefix to add to output files",
},
&cli.BoolFlag{
Name: "Stealth",
Usage: "Use stealth collection options, will sacrifice data quality in favour of much reduced",
},
&cli.StringFlag{
Name: "Domain",
Usage: "Specifies the domain to enumerate. If not specified, will enumerate the current domain your user context specifies.",
},
&cli.BoolFlag{
Name: "WindowsOnly",
Usage: "Limits computer collection to systems that have an operating system attribute that matches *Windows*",
},
&cli.StringFlag{
Name: "ComputerFile",
Usage: "A file containing a list of computers to enumerate.",
},
&cli.StringFlag{
Name: "LdapFilter",
Usage: "Append this ldap filter to the search filter to further filter the results enumerated",
},
&cli.StringFlag{
Name: "SearchBase",
Usage: "DistinguishedName to start LDAP searches at. Equivalent to the old --OU option",
},
&cli.BoolFlag{
Name: "PrettyJSON",
Usage: "Output 'pretty' json with formatting for readability",
},
&cli.StringFlag{
Name: "CacheFilename",
Usage: "Name for the cache file dropped to disk (default: unique hash generated per machine)",
},
&cli.BoolFlag{
Name: "RandomizeFilenames",
Usage: "Randomize file names completely",
},
&cli.BoolFlag{
Name: "NoSaveCache",
Usage: "Don't write the cache file to disk. Caching will still be performed in memory.",
},
&cli.BoolFlag{
Name: "InvalidateCache",
Usage: "Invalidate and rebuild the cache file",
},
&cli.StringFlag{
Name: "DomainController",
Usage: "Domain Controller to connect too. Specifying this can result in data loss",
},
&cli.StringFlag{
Name: "LdapPort",
Usage: "Port LDAP is running on. Defaults to 389/686 for LDAPS",
},
&cli.BoolFlag{
Name: "SecureLDAP",
Usage: "Connect to LDAPS (LDAP SSL) instead of regular LDAP",
},
&cli.BoolFlag{
Name: "DisableKerberosSigning",
Usage: "Disables keberos signing/sealing, making LDAP traffic viewable",
},
&cli.StringFlag{
Name: "LdapUsername",
Usage: "Username for connecting to LDAP. Use this if you're using a non-domain account for connecting to computers",
},
&cli.StringFlag{
Name: "LdapPassword",
Usage: "Password for connecting to LDAP. Use this if you're using a non-domain account for connecting to computers",
},
&cli.BoolFlag{
Name: "SkipPortScan",
Usage: "Skip SMB port checks when connecting to computers",
},
&cli.StringFlag{
Name: "PortScanTimeout",
Usage: "Timeout for SMB port checks",
Value: "2000",
},
&cli.BoolFlag{
Name: "ExcludeDomainControllers",
Usage: "Exclude domain controllers from enumeration (useful to avoid Microsoft ATP/ATA)",
},
&cli.StringFlag{
Name: "Throttle",
Usage: "Throttle requests to computers (in milliseconds)",
},
&cli.StringFlag{
Name: "Jitter",
Usage: "Add jitter to throttle",
},
&cli.StringFlag{
Name: "OverrideUserName",
Usage: "Override username to filter for NetSessionEnum",
},
&cli.BoolFlag{
Name: "NoRegistryLoggedOn",
Usage: "Disable remote registry check in LoggedOn collection",
},
&cli.BoolFlag{
Name: "DumpComputerStatus",
Usage: "Dumps error codes from attempts to connect to computers",
},
&cli.StringFlag{
Name: "RealDNSName",
Usage: "Overrides the DNS name used for API calls",
},
&cli.BoolFlag{
Name: "CollectAllProperties",
Usage: "Collect all string LDAP properties on objects",
},
&cli.StringFlag{
Name: "StatusInterval",
Usage: "Interval for displaying status in milliseconds",
},
// Not supported in bloodhound-import
// &cli.StringFlag{
// Name: "OutputDirectory",
// Usage: "Folder to output files too",
// Required: true,
// }
// &cli.BoolFlag{
// Name: "EncryptZip",
// Usage: "Encrypt the zip file with a random password",
// },
// &cli.StringFlag{
// Name: "ZipFilename",
// Usage: "Name for the zip file output by data collection",
// },
// &cli.BoolFlag{
// Name: "NoZip",
// Usage: "Do NOT zip the json files, set to True as zip files are not supported",
// Value: true,
// },
// &cli.StringFlag{
// Name: "Loop",
// Usage: "Perform looping for computer collection",
// },
// &cli.StringFlag{
// Name: "LoopDuration",
// Usage: "Duration to perform looping (Default 02:00:00)",
// },
// &cli.StringFlag{
// Name: "LoopInterval",
// Usage: "Interval to sleep between loops (Default 00:05:00)",
// },
}
)