ADKAVEH is a PowerShell-based Script for Active Directory enumeration and authorized penetration testing. It is designed for security professionals, Red Teams, and Blue Teams who need to identify and test common Active Directory attack paths in a controlled and legal environment.

⚠️ Important: This toolkit is intended for educational use and authorized security assessments only. Running it in environments without explicit written permission may be illegal and result in severe consequences.

[+] Domain, users, groups, and computers.

[+] Kerberos-related data (SPNs, AS-REP accounts, KRBTGT status).

[+] GPOs and security policies.

[+] Kerberoasting.

[+] AS-REP roasting.

[+] Password spraying (with rate-limiting and delays).

[+] Optional Defender tamper tests (requires --ConfirmUnsafe).

[+] Credential input via Get-Credential.

[+] Configurable rate-limiting & delays.

Requirements:

[+] PowerShell 5.1+ (Windows) or PowerShell 7+ (Linux/macOS).

[+] Domain-joined system or appropriate network access.

[+] Sufficient privileges for enumeration/attacks being tested.

  git clone https://github.com/TryHackBox/ADKAVEH

  cd ADKAVEH

.\ADKAVEH.ps1 -EnumDomain

.\ADKAVEH.ps1 -PasswordSpray -UserList users.txt -Password Winter2025! -Delay 5

.\ADKAVEH.ps1 -DisableDefender -ConfirmUnsafe

[+] Use only in environments where you have explicit written permission.

[+] Some modules can disable security tools or trigger account lockouts.

[+] Default configuration includes rate-limiting and delays to reduce risk.

[+] The authors take no responsibility for misuse or damage caused by this script.

[+] Improve cross-platform testing (Linux/macOS via pwsh).

[+] Add randomized jitter for spraying delays.

[+] Harden logging and credential handling.

Twitter: @kavehxnet https://twitter.com/kavehxnet

Twitter: @OffensivePwn https://twitter.com/OffensivePwn

Star the repo.

Watch for updates.

Report issues or suggest features.

Copyright (c) 2025 Kaveh Miri. This project is licensed under the Apache 2.0 License