Delegations

The Delegations tool provides comprehensive capabilities for analyzing and working with Kerberos delegations in Active Directory environments. It supports all three types of delegation (unconstrained, constrained, and resource-based constrained) and helps security professionals identify potential attack vectors and misconfigurations.

Key Features:

  • Support for unconstrained delegations
  • Constrained delegation analysis
  • Resource-based constrained delegations
  • Cross-platform compatibility
  • Detailed reporting capabilities

FindGPPPasswords

FindGPPPasswords helps identify and decrypt passwords stored in Group Policy Preferences, a common security misconfiguration that can lead to privilege escalation in Active Directory environments.

Key Features:

  • Automated SYSVOL scanning
  • Password decryption capabilities
  • Low-privilege operation
  • Multiple output formats
  • Cross-platform support

LDAPWordlistHarvester

LDAPWordlistHarvester connects to Active Directory via LDAP and extracts meaningful strings from object attributes to build a targeted wordlist. It is useful for password auditing and security assessments.

Key Features:

  • LDAP-based attribute extraction
  • Client-specific wordlist generation
  • Multiple attribute support
  • Cross-platform compatibility
  • Customizable output formats

DescribeNTSecurityDescriptor

This tool helps security researchers and administrators understand Windows security descriptors by parsing and presenting the information in a human-readable format. It is essential for analyzing Windows security configurations.

Key Features:

  • Parse raw ntSecurityDescriptor structures
  • Human-readable output format
  • Cross-platform support
  • Detailed ACL analysis
  • Export capabilities

FindOldSIDTraces

FindOldSIDTraces scans Active Directory LDAP objects for remnants of old Security Identifiers that may indicate previous migrations, trust relationships, or potential security issues.

Key Features:

  • LDAP-based SID trace detection
  • Old SID identification
  • Migration artifact discovery
  • Cross-platform compatibility
  • Detailed reporting

goLAPS

goLAPS provides a simple interface for working with Microsoft LAPS (Local Administrator Password Solution) passwords, allowing administrators to retrieve and manage local administrator passwords programmatically.

Key Features:

  • LAPS password retrieval
  • Password setting capabilities
  • Active Directory integration
  • Secure password handling
  • Cross-platform support

SIDTool

SIDTool provides comprehensive functionality for analyzing, converting, and working with Windows Security Identifiers. It is essential for understanding Windows security principals and access control.

Key Features:

  • SID parsing and analysis
  • Multiple SID format support
  • Conversion between formats
  • Security principal identification
  • Bulk SID processing

keytab

The keytab tool provides comprehensive functionality for creating, reading, and manipulating Kerberos keytab files. It is essential for managing Kerberos authentication in enterprise environments.

Key Features:

  • Keytab file creation and modification
  • Multiple encryption type support
  • Cross-platform compatibility
  • Detailed keytab analysis
  • Security validation checks

FindReusedKeyCredentials

FindReusedKeyCredentials scans Active Directory for objects sharing the same key credentials, which could indicate misconfiguration or potential security issues with certificate-based authentication.

Key Features:

  • Key credential reuse detection
  • Active Directory scanning
  • Cross-platform compatibility
  • Detailed reporting
  • LDAP-based analysis

DescribeKeyCredentialLink

DescribeKeyCredentialLink parses the msDS-KeyCredentialLink attribute used in Windows Hello for Business and certificate-based authentication, presenting its contents in a human-readable format.

Key Features:

  • KeyCredentialLink blob parsing
  • Human-readable output
  • Certificate information extraction
  • Cross-platform support
  • Detailed structure analysis

KeyCredentialHound

KeyCredentialHound collects KeyCredential information from Active Directory objects via LDAP and outputs BloodHound-compatible opengraph data for visualization and analysis.

Key Features:

  • BloodHound opengraph output
  • LDAP-based collection
  • KeyCredential analysis
  • Cross-platform compatibility
  • Active Directory integration

ExtractAS400LickeysFromDisk

ExtractAS400LickeysFromDisk parses disk images from IBM AS/400, iSeries, and Power Systems to locate and extract stored licence keys, useful for inventory management and system recovery.

Key Features:

  • IBM AS/400 disk image parsing
  • iSeries and Power Systems support
  • Licence key extraction
  • Cross-platform compatibility
  • Multiple image format support

ComputeSIDFromServiceName

ComputeSIDFromServiceName calculates the Security Identifier (SID) that Windows assigns to a given service, useful for understanding service account permissions and security configurations.

Key Features:

  • SID computation from service names
  • Windows service SID lookup
  • Cross-platform compatibility
  • Batch processing support
  • Human-readable output

Contribute to The Manticore Project

Help us build better security tools for the community. Contribute code, report issues, or suggest new features.
