{"id":33670,"date":"2024-07-05T06:12:34","date_gmt":"2024-07-05T06:12:34","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=33670"},"modified":"2024-07-05T06:12:35","modified_gmt":"2024-07-05T06:12:35","slug":"ldap-firewall","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/","title":{"rendered":"LDAP Firewall &#8211; Enhancing Security With Advanced Active Directory Protection"},"content":{"rendered":"\n<p><code>LDAP Firewall<\/code>\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.<br><\/p>\n\n\n\n<p>Its primary use-cases are to protect Domain Controllers, block LDAP-based attacks and tightly control access to the Active Directory schema (e.g enforcing read-only access for users).<br><\/p>\n\n\n\n<p>The tool is written in C++ and makes use of the\u00a0<a href=\"https:\/\/github.com\/microsoft\/Detours\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Microsoft Detours<\/a>\u00a0and\u00a0<a href=\"https:\/\/github.com\/open-source-parsers\/jsoncpp\">JsonCpp<\/a>\u00a0packages.<\/p>\n\n\n\n<p>Some useful resources to get you started:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Introduction blog post\u00a0&#8211; basics of LDAP and overview of the tool<\/li>\n\n\n\n<li>Technical Deep Dive blog post\u00a0&#8211; reverse-engineering the Windows LDAP service and how LDAP Firewall works<\/li>\n\n\n\n<li>Leash the Hounds\u00a0&#8211; how to stop BloodHound and other LDAP-based recon attacks using the LDAP Firewall<\/li>\n\n\n\n<li>Tutorial video\u00a0&#8211; covers how to install and use the tool<\/li>\n\n\n\n<li>LDAP Firewall Workshop video\u00a0&#8211; from DEATHCon 2023<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Main Features<\/strong><a href=\"https:\/\/github.com\/zeronetworks\/ldapfw?tab=readme-ov-file#main-features\"><\/a><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Allow \/ block incoming LDAP queries based on different parameters (operation type, source IP, user, DN etc.)<\/li>\n\n\n\n<li>Event logging for LDAP queries<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How It Works<\/strong><a href=\"https:\/\/github.com\/zeronetworks\/ldapfw?tab=readme-ov-file#how-it-works\"><\/a><\/h2>\n\n\n\n<p>The LDAP Firewall inspects incoming\u00a0<a href=\"https:\/\/ldap.com\/ldap-operation-types\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">LDAP operations<\/a>\u00a0(which are used to read or modify entries in the AD schema) and allows or blocks the request based on the configured rules.<br><\/p>\n\n\n\n<p>The operation also gets written into the Windows Event Log with the LDAPFW action and other relevant fields (Distinguished Name, attributes, OID etc.).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Who Is This Made For?<\/strong><a href=\"https:\/\/github.com\/zeronetworks\/ldapfw?tab=readme-ov-file#who-is-this-made-for\"><\/a><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Security Engineers<\/strong>\u00a0who want to control LDAP access and achieve a Least Privilege model<\/li>\n\n\n\n<li><strong>Threat Hunters and SOC analysts<\/strong>\u00a0who want to be create detections and perform investigations around LDAP<\/li>\n\n\n\n<li><strong>Security Researchers<\/strong>\u00a0who want to explore and deepen their understanding of the protocol<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Preventing Attacks With LDAPFW<\/strong><a href=\"https:\/\/github.com\/zeronetworks\/ldapfw?tab=readme-ov-file#preventing-attacks-with-ldapfw\"><\/a><\/h2>\n\n\n\n<p>This section describes some common LDAP-based attacks that can be mitigated with the LDAP Firewall.<br>Sample\u00a0config.json\u00a0files can be found in the\u00a0<a href=\"https:\/\/github.com\/zeronetworks\/ldapfw\/blob\/master\/example_configs\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">example_configs<\/a>\u00a0folder of this repository.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>sAMAccountName Spoofing<\/strong><\/h3>\n\n\n\n<p>LDAPFW can be configured to block all\u00a0<a href=\"https:\/\/ldap.com\/the-ldap-add-operation\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Add operations<\/a>\u00a0in order to completely prevent\u00a0<a href=\"https:\/\/www.thehacker.recipes\/ad\/movement\/kerberos\/samaccountname-spoofing#cve-2021-42278-name-impersonation\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Name Impersonation<\/a>\u00a0(<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-42278\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2021-42278<\/a>) and thus defend against\u00a0<a href=\"https:\/\/www.thehacker.recipes\/ad\/movement\/kerberos\/samaccountname-spoofing\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">sAMAccountName spoofing<\/a>.<\/p>\n\n\n\n<p>For more information click <a href=\"https:\/\/github.com\/zeronetworks\/ldapfw?tab=readme-ov-file#getting-started\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests. Its primary use-cases are to protect Domain Controllers, block LDAP-based attacks and tightly control access to the Active Directory schema (e.g enforcing read-only access for users). The tool is written in C++ and makes use of the\u00a0Microsoft Detours\u00a0and\u00a0JsonCpp\u00a0packages. [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":33673,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20],"tags":[737,6321,6052,6325,6826],"class_list":["post-33670","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools","tag-ldap-firewall"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>LDAP Firewall - Enhancing Security With Advanced Active Directory<\/title>\n<meta name=\"description\" content=\"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"LDAP Firewall - Enhancing Security With Advanced Active Directory\" \/>\n<meta property=\"og:description\" content=\"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-05T06:12:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-05T06:12:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"LDAP Firewall &#8211; Enhancing Security With Advanced Active Directory Protection\",\"datePublished\":\"2024-07-05T06:12:34+00:00\",\"dateModified\":\"2024-07-05T06:12:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\"},\"wordCount\":331,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\",\"LDAP Firewall\"],\"articleSection\":[\"Cyber security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\",\"name\":\"LDAP Firewall - Enhancing Security With Advanced Active Directory\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\",\"datePublished\":\"2024-07-05T06:12:34+00:00\",\"dateModified\":\"2024-07-05T06:12:35+00:00\",\"description\":\"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp\",\"width\":\"1600\",\"height\":\"900\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"LDAP Firewall - Enhancing Security With Advanced Active Directory","description":"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/","og_locale":"en_US","og_type":"article","og_title":"LDAP Firewall - Enhancing Security With Advanced Active Directory","og_description":"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.","og_url":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2024-07-05T06:12:34+00:00","article_modified_time":"2024-07-05T06:12:35+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"LDAP Firewall &#8211; Enhancing Security With Advanced Active Directory Protection","datePublished":"2024-07-05T06:12:34+00:00","dateModified":"2024-07-05T06:12:35+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/"},"wordCount":331,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","keywords":["cybersecurity","informationsecurity","kalilinux","kalilinuxtools","LDAP Firewall"],"articleSection":["Cyber security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/","url":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/","name":"LDAP Firewall - Enhancing Security With Advanced Active Directory","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","datePublished":"2024-07-05T06:12:34+00:00","dateModified":"2024-07-05T06:12:35+00:00","description":"LDAP Firewall\u00a0is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/ldap-firewall\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/ldap-firewall\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","width":"1600","height":"900"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK6conTTQit8rE4BuF3KCmtl718I-CRJQ6kOGdy2xejfnp8J4o4D1FSgYPT_W-1RI8OsUV2QvOQ_lOrBO7NkUJuEswZ5wqydy09PcnqhVsSA7Ds-BO2jI7cASW3jMcgNF7PP8N2FX4NrJqjsfeukErlWxPb2ORlwxSXKIyAPisEeL2RC-2iOgdODgLmqGM\/s16000\/LDAP%20Firewall.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":31565,"url":"https:\/\/kalilinuxtutorials.com\/ldap-nom-nom\/","url_meta":{"origin":33670,"position":0},"title":"LDAP Nom Nom: Insane-Speed Active Directory User Enumeration via LDAP Ping Exploitation","author":"Varshini","date":"December 21, 2023","format":false,"excerpt":"With the help of LDAP Ping requests (cLDAP), \"LDAP Nom Nom\" is a powerful tool that quickly and quietly brute-forces Active Directory usernames. This piece goes into great detail about LDAP Nom Nom, explaining what it can do and how it might affect cybersecurity. It works very quickly and can\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhy8u2V015fClTEbOmeIBUnRlfcnnJEzEbBbAMa18eAaZuDJ2_QLPkeB2EJJtW-z7osIJsI6ZjqzhA_-u2TYQamIgqAdu-kVCr2B-GUX2oKrc4P8SZv2bPtF6gqEUWpgp8R9Dwc94-cV_smYAe8NdEVNEdhAF6Gmikoim4oyuMshX_7kP8hyphenhyphenWCqhLGOLQ\/s16000\/LDAP%20Nom%20Nom.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhy8u2V015fClTEbOmeIBUnRlfcnnJEzEbBbAMa18eAaZuDJ2_QLPkeB2EJJtW-z7osIJsI6ZjqzhA_-u2TYQamIgqAdu-kVCr2B-GUX2oKrc4P8SZv2bPtF6gqEUWpgp8R9Dwc94-cV_smYAe8NdEVNEdhAF6Gmikoim4oyuMshX_7kP8hyphenhyphenWCqhLGOLQ\/s16000\/LDAP%20Nom%20Nom.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhy8u2V015fClTEbOmeIBUnRlfcnnJEzEbBbAMa18eAaZuDJ2_QLPkeB2EJJtW-z7osIJsI6ZjqzhA_-u2TYQamIgqAdu-kVCr2B-GUX2oKrc4P8SZv2bPtF6gqEUWpgp8R9Dwc94-cV_smYAe8NdEVNEdhAF6Gmikoim4oyuMshX_7kP8hyphenhyphenWCqhLGOLQ\/s16000\/LDAP%20Nom%20Nom.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhy8u2V015fClTEbOmeIBUnRlfcnnJEzEbBbAMa18eAaZuDJ2_QLPkeB2EJJtW-z7osIJsI6ZjqzhA_-u2TYQamIgqAdu-kVCr2B-GUX2oKrc4P8SZv2bPtF6gqEUWpgp8R9Dwc94-cV_smYAe8NdEVNEdhAF6Gmikoim4oyuMshX_7kP8hyphenhyphenWCqhLGOLQ\/s16000\/LDAP%20Nom%20Nom.webp?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":26460,"url":"https:\/\/kalilinuxtutorials.com\/silenthound\/","url_meta":{"origin":33670,"position":1},"title":"SilentHound : Quietly Enumerate An Active Directory Domain Via LDAP Parsing Users, Admins, Groups, Etc.","author":"R K","date":"August 16, 2022","format":false,"excerpt":"SilentHound Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. Created by\u00a0Nick Swink\u00a0from\u00a0Layer 8 Security. Installation Using pipenv (recommended method) sudo python3 -m pip install --user pipenvgit clone https:\/\/github.com\/layer8secure\/SilentHound.gitcd silenthoundpipenv install From requirements.txt (legacy) \u00a0This method is not recommended because python-ldap can cause many dependency errors.\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":13169,"url":"https:\/\/kalilinuxtutorials.com\/msldap\/","url_meta":{"origin":33670,"position":2},"title":"Msldap : LDAP Library For Auditing MS AD","author":"R K","date":"June 4, 2021","format":false,"excerpt":"Msldap is a tool for (LDAP) LightWeight Directory Acess Protocol library for MS AD. Features Comes with a built-in console LDAP clientAll parameters can be conrolled via a conveinent URL (see below)Supports integrated windows authentication (SSPI) both with NTLM and with KERBEROSSupports channel binding (for ntlm and kerberos not SSPI)Supports\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6310,"url":"https:\/\/kalilinuxtutorials.com\/ldapdomaindump-active-directory-ldap\/","url_meta":{"origin":33670,"position":3},"title":"LdapDomainDump : Active Directory Information Dumper via LDAP","author":"R K","date":"August 26, 2019","format":false,"excerpt":"LDAPDomainDump is an Active Directory information dumper via LDAP. In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an internal network.\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":17455,"url":"https:\/\/kalilinuxtutorials.com\/sharplaps\/","url_meta":{"origin":33670,"position":4},"title":"SharpLAPS : Retrieve LAPS Password From LDAP","author":"R K","date":"August 9, 2021","format":false,"excerpt":"SharpLAPS is a tool to Retrieve LAPS Password From LDAP. The attribute\u00a0ms-mcs-AdmPwd\u00a0stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using\u00a0execute-assembly. It will retrieve the\u00a0LAPS\u00a0password from the Active Directory. Require (either): Account with\u00a0ExtendedRight\u00a0or\u00a0Generic All RightsDomain Admin privilege Usage _ _ _ \/ \/\/\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":24945,"url":"https:\/\/kalilinuxtutorials.com\/krbrelay\/","url_meta":{"origin":33670,"position":5},"title":"KrbRelay : Framework For Kerberos Relaying","author":"R K","date":"May 30, 2022","format":false,"excerpt":"KrbRelay should be working on most fully patched Windows systems. There may be difficulties with Server OS in lab environments because of the firewall blocking the OXID resolver however, this will most likely not be an issue during real life engagements, same goes for CLSIDs. Supported Protocols and Features Some\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh6NBgr2UP1pJ7UicvMilzm4KAQV-z_iYnZ_71hDbyp8Oy1svNNhDfWj750qIJWg198zW2el60opwo7hEzW3c2HasuGQCCXm2Qeklrwon87m37yFijBCJ2PPfUXVe-q8r_OODezLGrCbSkI2bCVhpxYQzoUOBzvNt8jxqdR0IkR2_foAVc78N1pDJ18\/s728\/Kerberos-CD-a%20%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh6NBgr2UP1pJ7UicvMilzm4KAQV-z_iYnZ_71hDbyp8Oy1svNNhDfWj750qIJWg198zW2el60opwo7hEzW3c2HasuGQCCXm2Qeklrwon87m37yFijBCJ2PPfUXVe-q8r_OODezLGrCbSkI2bCVhpxYQzoUOBzvNt8jxqdR0IkR2_foAVc78N1pDJ18\/s728\/Kerberos-CD-a%20%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh6NBgr2UP1pJ7UicvMilzm4KAQV-z_iYnZ_71hDbyp8Oy1svNNhDfWj750qIJWg198zW2el60opwo7hEzW3c2HasuGQCCXm2Qeklrwon87m37yFijBCJ2PPfUXVe-q8r_OODezLGrCbSkI2bCVhpxYQzoUOBzvNt8jxqdR0IkR2_foAVc78N1pDJ18\/s728\/Kerberos-CD-a%20%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh6NBgr2UP1pJ7UicvMilzm4KAQV-z_iYnZ_71hDbyp8Oy1svNNhDfWj750qIJWg198zW2el60opwo7hEzW3c2HasuGQCCXm2Qeklrwon87m37yFijBCJ2PPfUXVe-q8r_OODezLGrCbSkI2bCVhpxYQzoUOBzvNt8jxqdR0IkR2_foAVc78N1pDJ18\/s728\/Kerberos-CD-a%20%281%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33670","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=33670"}],"version-history":[{"count":3,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33670\/revisions"}],"predecessor-version":[{"id":33674,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33670\/revisions\/33674"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/33673"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=33670"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=33670"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=33670"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}