Report Overview
Submitted URL
github.com/sense-of-security/ADRecon/archive/master.zip
IP
140.82.121.3
ASN
#36459 GITHUB
Submitted
2024-03-29 07:41:28
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1
Domain Summary
Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
---|---|---|---|---|---|---|---|
github.com | 1423 | 2007-10-09 | 2016-07-13 | 2024-03-24 | 509 B | 3.5 kB | 140.82.121.4 |
codeload.github.com | 62359 | 2007-10-09 | 2013-04-18 | 2024-03-28 | 521 B | 630 kB | 140.82.121.10 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
codeload.github.com/sense-of-security/ADRecon/zip/refs/heads/master
IP
140.82.121.10
ASN
#36459 GITHUB
File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
629 kB (629279 bytes)
Hash
db13ce921919327c7b30376ae72179c9
a81d37ccf7c91cd0810d5303fad5ee73632c146a
Archive (95)
Filename | Md5 | File type |
---|---|---|
ADRecon.ps1 | 6008e6c3deaa08fb420d5efd469590c6 | Unicode text, UTF-8 (with BOM) text, with very long lines (504) |
LICENSE.md | 3e00ca6129dc8358315015204ab9fe15 | ASCII text |
README.md | 7a407cb90a282d103794e836abaed88c | ASCII text, with very long lines (462) |
ACLs.csv | 337b72dcd3cc6b73811f800c35ff9f9f | CSV text |
AboutADRecon.csv | 0ef840dc45e9178b150667bf441f9edf | CSV text |
BitLockerRecoveryKeys.csv | 8a7479de5a36bd482b0434925283f615 | CSV text |
ComputerSPNs.csv | 419b719197f25540d0a915060c756e05 | CSV text |
Computers.csv | fc5e27a0132b3cfd7efcbee3d174df86 | CSV text |
DNSNodes.csv | e8d51a4d41d3755b0770ed44f63038b6 | CSV text |
DNSZones.csv | b653dde8e3387e6655bd9728e7fd68e2 | CSV text |
DefaultPasswordPolicy.csv | c4a5edfc8473a562044330fe43e9a7af | CSV text |
Domain.csv | a8d935396201850b234521ce7dc719d2 | CSV text |
DomainControllers.csv | 153335006aa29c211a04d063b21ca1e8 | ASCII text |
FineGrainedPasswordPolicy.csv | 3f6450000479b294085b672d5f9a1b66 | CSV text |
Forest.csv | 114b9eecfabb184b6d7dfe275f715098 | CSV text |
GPOs.csv | 14437cec900c51d47d06479a1f4e7c16 | CSV text |
GroupMembers.csv | 70e7565059831dc0471d3fddcf01a902 | CSV text |
Groups.csv | dc9b66becfa44db2f419f5e761a7dbe8 | CSV text |
LAPS.csv | db93696723ab97f43d884dfdd4ea0dba | CSV text |
OUs.csv | c1e95d72c657d80fa63d120854542094 | CSV text |
Sites.csv | f74d5871ad7bcd7e3595c875f0a21337 | ASCII text |
Subnets.csv | 9616187cc2b5c9c3fca6eb20fdbb8611 | ASCII text |
Trusts.csv | 3889008e3c1862a25277e7c4d24f349d | ASCII text |
UserSPNs.csv | 26c5829788ccdff4a624d6d07d236b35 | CSV text |
Users.csv | 5ca05f0d364f30848eb033894926821f | CSV text |
GPO-Report.html | e26dadacf466ad9526528f4c27d8cf6e | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (367), with CRLF line terminators |
GPO-Report.xml | bf27cd7ab73936f47fd916f218c3cbd1 | XML 1.0 document, Unicode text, UTF-16, little-endian text, with very long lines (2349), with CRLF, LF line terminators |
ACLs.html | cc99833f84e5b74e61935230a41fb07e | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (607), with CRLF line terminators |
AboutADRecon.html | 2c7a74f081924cf11098e389ca3e462b | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
BitLockerRecoveryKeys.html | d33d256d102b8aca9ddf64a7ced0d33f | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (344), with CRLF line terminators |
ComputerSPNs.html | aa230d041e19517254b6e53c15fb64ce | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Computers.html | 2e5ac1231f595a5dfd2d2b353fbf421b | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (765), with CRLF line terminators |
DNSNodes.html | 05ce5ca71cbcc6e99c39d1a68075e16a | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (422), with CRLF line terminators |
DNSZones.html | b526cc5bae13abe2a8df6de68e46b978 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DefaultPasswordPolicy.html | f5b3f733b8fc74963a7e2df8c4381f56 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Domain.html | b1969d8abc35ddc005ceb640e6994237 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DomainControllers.html | 80b00b1959b1b2b8b3917675c2c7e0a9 | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (352), with CRLF line terminators |
FineGrainedPasswordPolicy.html | ccca0810c2f22779323dbe75677eb623 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Forest.html | ea1132dd6afdd35400f207511e5295fc | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
GPOs.html | b629c1e435eb74883f4249cd62bc8294 | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (338), with CRLF line terminators |
GroupMembers.html | 1a3c4c2ce80202898c4b4a5cd2189796 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Groups.html | f7555a8b8026ec7e824ddcdd72f261ad | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (681), with CRLF line terminators |
LAPS.html | df6e50c8b34e2ba573c59d9b2f83de47 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
OUs.html | 55a173701ce3c61861f276336c3e8755 | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (574), with CRLF line terminators |
Sites.html | d4cea99adf8c95816635c510be8d23f1 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Subnets.html | 3d203abe47ef229de671447ce29e6e17 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Trusts.html | 17c29db96a875daf9c058f33c947d525 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
UserSPNs.html | 6f0454634db6d965e5a8fe1729eb2547 | HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Users.html | d969dbaabac53cf0d17062fdd2291a7c | HTML document, Unicode text, UTF-16, little-endian text, with very long lines (1092), with CRLF line terminators |
ACLs.json | 37fe17731abc389ab662b5abfd63681d | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
AboutADRecon.json | 4372310c8cc60371723a14d71508c13f | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
BitLockerRecoveryKeys.json | 3beac78e8a11180d1c1411f09ca7ff80 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
ComputerSPNs.json | bc688b6bcf604a7ffe39645b894b1565 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Computers.json | a3c2bea834353a8023104a2e000a11e4 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DNSNodes.json | a87fd944b99b04f94155f2b1de12c807 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DNSZones.json | 20724248d26bc82b3b460b53c4ce7d27 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DefaultPasswordPolicy.json | 7ad93b0f36f981f331ed0ca2814bd42a | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Domain.json | 6adb64ea93629dc1e045c263bc426bcf | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
DomainControllers.json | 44254f95e1f582c203f05eff4080e99f | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
FineGrainedPasswordPolicy.json | 4bcf41729c78e1f1f563cc1504f31689 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Forest.json | 5cdb5a2529fb97d4b287791a91c64c04 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
GPOs.json | 139c42d2c4cb90c0b916b2990703f503 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
GroupMembers.json | 95c5f0eb0d4775e9c20e84934b0e4a99 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Groups.json | d847145263b3b7170ec42991a29d7301 | Unicode text, UTF-16, little-endian text, with very long lines (411), with CRLF line terminators |
LAPS.json | 675afc76fee9314646c7bc67b7cf9107 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
OUs.json | cd1b229b350568088efdf62ad9441a53 | Unicode text, UTF-16, little-endian text, with very long lines (392), with CRLF line terminators |
Sites.json | 86a033151aa5a9fc53d598c39fd4c836 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Subnets.json | 823b4daaec53904b6c916c34ec6e4771 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Trusts.json | e5da2203965d76869336efd2dc34e0b0 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
UserSPNs.json | 549d89cb1796c592d5ebe929c2064ed5 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
Users.json | 9c89add85c15cbdb0c9d2f520e07c195 | Unicode text, UTF-16, little-endian text, with CRLF line terminators |
ACLs.xml | adbde841f3f235e7863c6e20bc230f7e | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
AboutADRecon.xml | 19eb5c5ef3761c1ea16efdab4b4901d2 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
BitLockerRecoveryKeys.xml | ad061db2ca2b7e1c2299cffffb9f1a51 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
ComputerSPNs.xml | 4d60eef3a5e8a5a11acba12bda4a3a68 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Computers.xml | 8682d6c19959b0336d9a0f3834e09386 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
DNSNodes.xml | 40c0987b81374dc8b25bdabd30058b57 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
DNSZones.xml | 97718f1d49971c13e068a2a155d8fccd | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
DefaultPasswordPolicy.xml | 33dfebb815f741cabc805a54801a002a | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Domain.xml | b34f00c1a57907baf89cee8875983fa3 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
DomainControllers.xml | f829611b9bfea773a0d502fcb73d64f4 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
FineGrainedPasswordPolicy.xml | fcde9a58d48e81f2808b8ee6a528645e | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Forest.xml | 9ced38975dc7a1ff264e8fe8b6b8e511 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
GPOs.xml | 0eecc4be1b3212bbdb1313ea8b379ffc | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
GroupMembers.xml | 9108170aa5bd02b2662539ae0cb657bd | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Groups.xml | 1fc7878cec9cdb722a4748e9abd16a37 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (416) |
LAPS.xml | 04fa3649c6307d47fc3301b96072d8ec | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
OUs.xml | 634da756e67ce6d76449454cbd1fd854 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (397) |
Sites.xml | a27aaf5b6024519a894156a8f20bd369 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Subnets.xml | e36476423fb9de79e6e05c7328425e85 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Trusts.xml | e8a50e110a4e5e3745f89c0cb2b00c11 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
UserSPNs.xml | 9e8a06d7d75e4410bd9431757175f15a | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
Users.xml | db10285d48137889e47dab0c7f07f4a1 | XML 1.0 document, Unicode text, UTF-8 (with BOM) text |
sos.labs-ADRecon-Report.xlsx | 1188f866b69da9dad5943c553ada9cf7 | Microsoft Excel 2007+ |
Console-Output.txt | 66f092e48112c6f9556d44d0c29d3864 | Hewlett-Packard Graphics Language, starting with "PS C:\ADRecon> .\ADRecon.ps1 -OutputType All -Verbose" with "[*] ADReco" |
Detections
Analyzer | Verdict | Alert |
---|---|---|
VirusTotal | malicious |
JavaScript (0)
HTTP Transactions (2)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
github.com/sense-of-security/ADRecon/archive/master.zip | 140.82.121.4 | 302 Found | 0 B | |||||||
HTTP Headers
| ||||||||||
codeload.github.com/sense-of-security/ADRecon/zip/refs/heads/master | 140.82.121.10 | 200 OK | 629 kB | |||||||
Detections
HTTP Headers
| ||||||||||