0007937: HEKATOMB - helps with post-exploitation on Active-Directory environment.

ID	Project	Category	View Status	Date Submitted	Last Update

0007937	Kali Linux	Queued Tool Addition	public	2022-09-22 06:41	2023-11-10 10:40

Reporter	Processus Thief	Assigned To
Priority	normal	Severity	feature	Reproducibility	N/A
Status	acknowledged	Resolution	open
Product Version	2022.3

Summary	0007937: HEKATOMB - helps with post-exploitation on Active-Directory environment.
Description	HEKATOMB is a python tool that helps with post-exploitation on Active-Directory environment. The tool permits to connect to LDAP directory to retrieve all computers and users informations. then it will download all DPAPI blob of all users from all computers. Finally, it will extract domain controller private key through RPC and uses it to decrypt all credentials. If you want more info, here is the repo link : https://github.com/Processus-Thief/HEKATOMB The tool is already referenced on the the book.hacktricks.xyz GitHub repo of Carlos Polop and on the PayloadsAllTheThings GitHub repo of Swissky.
Steps To Reproduce	For installation, just clone the repo and install requirements : git clone https://github.com/Processus-Thief/HEKATOMB cd HEKATOMB pip3 install -r requirements.txt
Additional Information	If you have any questions you can ask me : [email protected]

g0tmi1k 2022-09-30 13:56 administrator ~0016862	@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Processus Thief 2022-10-04 12:23 reporter ~0016911	@g0tm1k For packaging the tool, you can use the pip integration, it should help : https://pypi.org/project/hekatomb

Processus Thief 2022-12-08 11:28 reporter ~0017226	Hello I see that Kali 2022.4 was just released and Hekatomb is not added in it, do I have to do something else ? Thanks :)

g0tmi1k 2023-11-10 10:40 administrator ~0018616	Hello @Processus Thief, We can't use pip packages. It needs to be Debian standard.

Date Modified	Username	Field	Change
2022-09-22 06:41	Processus Thief	New Issue
2022-09-30 13:55	g0tmi1k	Status	new => acknowledged
2022-09-30 13:55	g0tmi1k	Category	New Tool Requests => Queued Tool Addition
2022-09-30 13:55	g0tmi1k	Summary	Add HEKATOMB tool to Kali Linux => HEKATOMB - helps with post-exploitation on Active-Directory environment.
2022-09-30 13:56	g0tmi1k	Note Added: 0016862
2022-10-04 12:23	Processus Thief	Note Added: 0016911
2022-12-08 11:28	Processus Thief	Note Added: 0017226
2023-11-10 10:40	g0tmi1k	Note Added: 0018616