LDAPmonitor
LDAPmonitor is a tool that monitors any changes made to the target LDAP objects on LIVE
It’s very similar to PSPY in a way that it surveils changes on LIVE
┌──(kali㉿kali)-[~/archive/htb/labs/support]
└─$ python3 LDAPmonitor/python/pyLDAPmonitor.py -d SUPPORT.HTB -u ldap -p 'nvEfEK16^1aM4$e7AclUf8x$tRWxPWO1%lmz' --dc-ip $IP
[+]======================================================
[+] LDAP live monitor v1.3 @podalirius_
[+]======================================================
[>] Trying to connect to 10.10.11.174 ...
[>] Listening for LDAP changes ...Executing LDAPmonitor with the credential of the ldap account
LDAP authentication for BloodHound ingestion has been logged
No additional LDAP changes are made