Hello, aspiring Ethical Hackers. In our previous blogpost, you learnt what is enumeration, why it is important in pen testing and what are the various types of enumeration. In this blogpost, you will learn about LDAP enumeration.
What is LDAP?
Lightweight Directory Access Protocol (LDAP) is a protocol that enables users to locate data about the organization, users and other resources like files and devices in a network. LDAP is also used as a central server for authentication. LDAP runs on port 389. Learn how LDAP works.
What information does LDAP enumeration reveal?
By enumerating LDAP, attackers can gather important information like valid usernames, addresses and other data about organization that can help as the hack progresses.
How to perform LDAP enumeration?
There are many tools that can be used to enumerate LDAP. For this article, let’s see how to perform it using a Nmap script. The script we use is “ldap and not brute”.