DC-Sonar – Analyzing AD Domains For Security Risks Related To User Accounts


The project consists of repositories:


It’s only for education purposes.

Avoid using it on the production Active Directory (AD) domain.

Neither contributor incur any responsibility for any using it.

Social media

Check out our Red Team community Telegram channel

Description Architecture

For the visual descriptions, open the diagram files using the diagrams.net tool.

The app consists of:


The DC Sonar Community provides functionality for analyzing AD domains for security risks related to accounts:

Register analyzing AD domain in the app

See the statuses of domain analyzing processes

Dump and brute NTLM hashes from set AD domains to list accounts with weak and vulnerable passwords

Analyze AD domain accounts to list ones with never expire passwords

Analyze AD domain accounts by their NTLM password hashes to determine accounts and domains where passwords repeat

Installation Docker

In progress …

Manually using dpkg

It is assumed that you have a clean Ubuntu Server 22.04 and account with the username “user”.

The app will install to /home/user/dc-sonar.

The next releases maybe will have a more flexible installation.

Download dc_sonar_NNNN.N.NN-N_amd64.tar.gz from the last distributive to the server.

Create a folder for extracting files:

mkdir dc_sonar_NNNN.N.NN-N_amd64

Extract the downloaded archive:

tar -xvf dc_sonar_NNNN.N.NN-N_amd64.tar.gz -C dc_sonar_NNNN.N.NN-N_amd64

Go to the folder with the extracted files:

cd dc_sonar_NNNN.N.NN-N_amd64/

Install PostgreSQL:

sudo bash install_postgresql.sh

Install RabbitMQ:

sudo bash install_rabbitmq.sh

Install dependencies:

sudo bash install_dependencies.sh

Read more

Explore the site

More from the blog

Latest News