CrackMapExec
A swiss army knife for pentesting networks
An archived Python toolkit for security professionals to test Windows networks and Active Directory environments, no longer maintained by the original author, with active development moved to a community fork.
CrackMapExec is a Python tool built for network penetration testing, meaning it is designed to help security professionals assess Windows networks and Active Directory environments for weaknesses. The description calls it a swiss army knife for pentesting networks, indicating it covers a range of tasks rather than doing just one thing.
The README for this repository is brief and contains an important notice: the project is no longer maintained by the original author, who states the reason is the existence of a hostile fork. Development has effectively moved elsewhere. The README points to a separate wiki site for documentation and usage examples, but that external resource is not reproduced here.
The project was inspired by earlier tools in the Windows network security testing space, including CredCrack, smbexec, and smbmap, and it drew from techniques found in PowerShell-based offensive security projects. Topics listed with the repository include Active Directory, networks, pentesting, PowerShell, Python, and Windows, which gives a sense of its intended domain.
Because this repository is archived and no longer actively developed, anyone looking to use or contribute to CrackMapExec should look for the maintained fork referenced by the community rather than this original repository.
Where it fits
- Test a Windows network for weak or reused credentials across multiple SMB hosts during an authorized penetration test.
- Enumerate Active Directory users, groups, and shared drives to map attack surface before a security assessment.
- Assess SMB network exposure by running automated checks across a range of IP addresses in a corporate environment.