AlmondOffSec

Proof-of-Concept tool to dump trusted domain objects

69% credibility
Found Mar 12, 2026 at 20 stars.
AI Analysis
Python
AI Summary

A Python script that extracts passwords and encryption keys from trust connections between Windows network domains for security research.

How It Works

1. 📖 Discover trust risks

You read an expert blog post about hidden weaknesses in how Windows networks connect and trust each other.

2. 💾 Grab the tool

You save the simple program file to your computer to help test those connections.

3. 📝 Gather connection details

You note the network name, your login info, and special matching codes for the trusted networks.

4. 🚀 Start the secret pull

You launch the program with your details, connecting to the main network hub to extract hidden trust info.

5. Watch it work

The program reaches out and gathers the protected authentication details from the connection.

6. 📋 See the results

Hidden passwords, security codes, and keys appear on screen for you to study.

🛡️ Improve network safety

You use what you learned to spot and fix security gaps in connected networks.

AI-Generated Review

What is tdo_dump?

This Python proof-of-concept tool dumps trusted domain objects (TDOs) from Active Directory, pulling out secrets like cleartext trust passwords, NT hashes, and Kerberos keys from one-way domain trusts. It solves the problem of crossing security boundaries in Windows environments by letting you extract the trust account creds from the trusting domain for authentication on the trusted side. Run it via CLI with domain admin creds, a DC IP, and GUIDs for the TDO and DSA—outputs ready-to-use hashes and keys, complete with salts for inter-realm trusts.

Why is it gaining traction?

As a focused proof-of-concept GitHub tool, it stands out by targeting overlooked one-way trusts, delivering decrypted secrets that enable direct lateral movement without broader AD tooling overhead. Devs grab it for the quick win on trustAuthIncoming/Outgoing extraction, paired with a detailed blog post explaining real-world attacks. No bloat—just plug in Impacket-style auth and get actionable output.

Who should use this?

Penetration testers and red teamers auditing Active Directory forests with cross-domain trusts. Security researchers probing SID filtering or trust transitivity in enterprise setups. Domain admins validating one-way trust exposures during defensive reviews.

Verdict

Grab this 19-star proof-of-concept if you're deep in AD pentesting—it's a solid, single-script tool with clear docs and examples, though its 0.699999988079071% credibility score reflects its niche maturity and lack of tests. Pair it with the linked research for production use; otherwise, stick to fuller suites like Impacket for everyday ops.
