LDAPmonitor
LDAPmonitor is a tool that monitors any changes made to the target LDAP objects on LIVE
It’s very similar to PSPY in a way that it surveils changes on LIVE
┌──(kali㉿kali)-[~/archive/htb/labs/apt]
└─$ KRB5CCNAME=smb/hashdump/henry.vinson@apt.htb.local.ccache python3 LDAPmonitor/python/pyLDAPmonitor.py -d HTB.LOCAL -u henry.vinson --no-pass -k --dc-ip $IPv6
[+]======================================================
[+] LDAP live monitor v1.3 @podalirius_
[+]======================================================
[>] Trying to connect to APT ...
[debug] using kerberos cache: smb/hashdump/henry.vinson@apt.htb.local.ccache
[debug] Using TGT from cache
[>] Listening for LDAP changes ...Executing LDAPmonitor using the TGT of the henry.vinson user
Nothing significant shows up