-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Ghostline is an interactive Bash toolkit that automates Active Directory enumeration by wrapping 10+ professional security tools behind a single, predictable menu. It covers both passive reconnaissance (no credentials) and active enumeration (with credentials), and writes every result into one timestamped directory.
⚠️ Authorized targets only. Use Ghostline solely against systems you own or for which you hold explicit written permission to test. See Legal & Safe Use.
| Page | What it covers |
|---|---|
| Installation | Prerequisites, install.sh, manual setup, what gets installed where. |
| Getting Started | First launch, menu navigation, a complete first run. |
| Configuration | Setting target, domain, credentials and output directory. |
| Passive Enumeration | Nmap, enum4linux-ng, rpcclient, ldapsearch, dnsrecon. |
| Active Enumeration | BloodHound, CrackMapExec, adidnsdump, GetNPUsers, ridenum. |
| Special Actions | Auto workflow, SMB vuln scan, secretsdump, results viewer. |
| Output & Results | Directory layout and how to import findings. |
| Troubleshooting | Common errors and fixes. |
| Legal & Safe Use | Scope, authorization, operational safety. |
Main Menu
├── [1] Configuration Target / domain / credentials / output
├── [2] Passive Enumeration No credentials required
├── [3] Active Enumeration Credentials required
├── [4] Special Actions Workflows, vuln scans, secrets, results
└── [0] Exit
A typical session:
git clone https://github.com/WhiteMuush/Ghostline.git
cd Ghostline
sudo ./install.sh # one-time, installs every tool
./ghostline.sh # launch the menuThen: [1] Configuration to set the target → [2] Passive or [3] Active to enumerate → [4] → View Results to review. Everything lands in ad_enum_YYYYMMDD_HHMMSS/.
Ghostline is intentionally a thin, transparent wrapper. It does not reinvent any tool, it calls the real binaries (nmap, bloodhound-python, secretsdump.py, …) with sensible AD-focused flags and tees their output to disk. If a tool is missing, the relevant menu entry warns you and tells you how to install it instead of failing silently.
For the codebase layout and how to plug in a new tool, see docs/ARCHITECTURE.md and docs/ADDING_A_TOOL.md in the repository.
Ghostline — Active Directory enumeration toolkit by Melvin PETIT · MIT License ·
Getting set up
Enumeration
Reference