Skip to content

v0.4.0

Choose a tag to compare

View all tags
@StrongWind1 StrongWind1 released this 08 Jun 00:34
· 7 commits to main since this release
v0.4.0
This tag was signed with the committer’s verified signature.
StrongWind1 StrongWind
SSH Key Fingerprint: Qmf8fmUKNTZ6ZgfBYeZQGvmmwxRH1vlYwTFmOFizaDM
Verified
Learn about vigilant mode.
f95eda2
This commit was signed with the committer’s verified signature.
StrongWind1 StrongWind
SSH Key Fingerprint: Qmf8fmUKNTZ6ZgfBYeZQGvmmwxRH1vlYwTFmOFizaDM
Verified
Learn about vigilant mode.

Makes "dump everything" the default — every object now carries a complete _unmapped raw-attribute passthrough, bringing attribute coverage to parity with, and beyond, ntdissector.

Added

  • Every object now carries an _unmapped field in the structured formats (NDJSON/JSON/CSV): a raw passthrough of every stored LDAP attribute and linked attribute the curated decoders did not already parse, so nothing in the database is dropped (NTDSWolf's primary goal). Values are kept verbatim when printable ASCII (0x20-0x7E) and hex-encoded otherwise; dissect's internal structural columns and already-curated attributes are excluded. Enumeration is per-attribute and falls back to the raw value, so a single undecodable attribute (e.g. a schema attributeID with no OID mapping) no longer drops the rest. This brings attribute coverage to parity with, and beyond, ntdissector. The hashcat and pwdump outputs are unaffected.

Install

uv tool install git+https://github.com/StrongWind1/NTDSWolf@v0.4.0

Full changelog: https://github.com/StrongWind1/NTDSWolf/blob/main/CHANGELOG.md · Docs: https://strongwind1.github.io/NTDSWolf/

Assets 2
Loading