A powerful Bash script that automates the download and setup of essential tools for Active Directory penetration testing. Built for red teamers, pentesters, and security enthusiasts.
Created as part of my learning journey while preparing for PNPT and OSCP certifications.
- ✅ Fully interactive main menu: Choose to update dependencies, install all tools, or pick them individually.
- ✅ Automatic installation of dependencies: Python venv, Git, Ruby, Cargo, Go, Rust, etc.
- ✅ Smarter installations: The script sets up Python virtual environments, installs requirements, compiles tools with
make, installsevil-winrmvia Ruby, and compiles Rust projects. - ✅ Safe re-runs: Already cloned tools are skipped, making the script idempotent and safe to run multiple times.
- ✅ Improved UX: Clean, colorized output and structured logging for better visibility.
- 🐛 Fixed incorrect installation paths by assigning unique directory names for each tool (e.g.,
sqlmap_git,responder_git) - ➕ Added tool
PrintSpoofer,sqlmapto full installation list - 🧠 Improved tool detection logic – re-running the script no longer skips partially installed tools
Please refer to each tool's README or usage instructions for setup details.
- ✅ Root privilege check
- ✅ Installs tools into
/opt/adtools - ✅ Option to install all tools or select individually via menu
- ✅ Automatic installation of dependencies (Python, Git, Ruby, Rust, etc.)
- ✅ Smart setup for supported tools (e.g., Python venv,
make,cargo, etc.) - ✅ Clean and colorized terminal output
The script clones the following repositories:
| # | Tool Name | Description |
|---|---|---|
| 1 | BloodHound (GUI) | AD attack path visualization |
| 2 | SharpHound | Data collector for BloodHound |
| 3 | BloodHound.py | Python-based alternative to SharpHound |
| 4 | Impacket | Network protocols and attack tools |
| 5 | bloodyAD | ACL abuse and AD object manipulation |
| 6 | Mimikatz | Credential dumping and manipulation |
| 7 | Rubeus | Kerberos abuse toolkit |
| 8 | Kerbrute | Username enumeration, bruteforce |
| 9 | Inveigh | LLMNR/NBNS/MDNS spoofing via PowerShell |
| 10 | Responder | LLMNR/NBNS poisoning and credential theft |
| 11 | Ligolo-ng | Reverse tunneling for internal access |
| 12 | noPac | Exploit for CVE-2021-42287 & 42278 |
| 13 | CrackMapExec | Swiss army knife for AD enumeration |
| 14 | evil-winrm | WinRM shell for red teams |
| 15 | smbmap | SMB enumeration tool |
| 16 | enum4linux | Basic SMB/NetBIOS enumeration |
| 17 | enum4linux-ng | Updated version with better support |
| 18 | windapsearch | LDAP search for Windows environments |
| 19 | LAPSToolkit | LAPS-related AD reconnaissance |
| 20 | DomainPasswordSpray | Password spraying against AD accounts |
| 21 | SharpView | PowerView rewritten in C# |
| 22 | PEASS-ng | Local privilege escalation checks |
| 23 | Seatbelt | System information collection |
| 24 | PingCastle | AD security audit and health check |
| 25 | adidnsdump | Dump AD-integrated DNS records |
| 26 | gpp-decrypt | Decrypt GPP passwords in SYSVOL |
| 27 | CVE-2021-1675 PoC | PrintNightmare exploit |
| 28 | PetitPotam | NTLM relay attack vector |
| 29 | pyWhisker | HTTP-based covert channel |
| 30 | ADRecon | AD reporting tool |
| 31 | PowerSharpPack | Collection of offensive PowerShell tools |
| 32 | ADACLScanner | Enumerates AD ACLs for attack paths |
| 33 | LDAPRelayScan | Identifies vulnerable LDAP relays |
| 34 | RustHound CE | BloodHound collector in Rust |
| 35 | Username Anarchy | Username enumeration wordlists |
| 36 | adPEAS | Active Directory enumeration tool |
| 37 | nc.exe | Netcat – network utility for Windows |
| 38 | WES-NG | Windows Exploit Suggester – Next Gen |
| 39 | PrintSpoofer | Privilege escalation via SeImpersonate |
| 40 | SQLMap | Automated SQL injection exploitation |
- Requires root privileges (
sudo) to install tools into/opt
chmod +x adtools.sh
sudo ./adtools.sh
You will be prompted to:
- Install only dependencies (helpful for first-time setup)
- Install all tools
- Choose tools manually from a numbered list
All tools will be cloned into:
/opt/adtools/
📁 Example Directory Structure:
/opt/adtools/
├── bloodhound_gui
├── sharphound
├── impacket
├── wesng_git
├── responder_git
├── sqlmap_git
└── ...
📍 Notes:
The script is idempotent—you can run it again to update or add new tools.
Some tools still require additional setup (e.g., Visual Studio for C# projects). Always check the tool's individual documentation after installation.
🇵🇱 Made in Poland by @Kar0n
This script is released under the MIT License.
All included tools remain under their respective authors’ licenses.