SkillAgentSearch skills...

Automato

automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.

GenerateConvertImprove

Install / Use

/learn @skahwah/Automato
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

automato.rb

automato uses native LDAP libraries to automate the collection and enumeration of various directory objects. This is incredibly useful during an internal penetration test.

automato can also conduct password spraying attacks, and identify if a user is a local administrator against any number of systems.

Output files are automatically created for evidence preservation.

Usage

$ ruby automato.rb
automato v2.0
Written by: Sanjiv Kawa
Twitter: @kawabungah

Commands:
  automato.rb all                                          # Run the most popular features. (computers, users, groups, priv, attributes)
  automato.rb attr                                         # Get the account attributes for all domain users.
  automato.rb bad                                          # Get the bad password count for all domain users.
  automato.rb computers                                    # Get all domain computers.
  automato.rb groups                                       # Get all domain groups.
  automato.rb help [COMMAND]                               # Describe available commands or one specific command
  automato.rb laps                                         # Get the laps password for systems in the network
  automato.rb localadmin DOMAIN USERNAME PASSWORD IP_FILE  # Identify if a user is a local admin against a list of IP's with SMB open
  automato.rb member GROUP                                 # List all users in a supplied domain GROUP.
  automato.rb priv                                         # Recurse through administrative groups and get users from all nested groups.
  automato.rb spray USER_FILE PASSWORD                     # Conduct a password spraying attack against the domain using a USER_FILE and common PASSWORD
  automato.rb user USER                                    # Get the group memberships for a supplied USER
  automato.rb users                                        # Get all domain users.

$

I usually use the following command once domain user credentials have been obtained:

$ ruby automato.rb all

General Use

asciicast

Retrieve LAPS passwords

asciicast

Password Spraying

asciicast

Local Administrator Enumeration

asciicast

Related Skills

node-connect

352.2k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

111.1k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

352.2k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

qqbot-media

352.2k

QQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。

skahwah

View profile

View on GitHub
GitHub Stars72
CategoryDevelopment
Updated6mo ago
Forks10
skahwah/automato

Languages

Ruby

Security Score

72/100

Audited on Oct 4, 2025

No findings