Skip to content

Snaffler, a tool for enumerating creds and shares in Active Directory

Snaffler is a tool for pentesters and red teamers to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment). Broadly speaking - it gets a list of Windows computers from Active Directory, then spreads out its snaffly appendages to them all to figure out which ones have file shares, and whether you can read them.

Basic usage

1
2
3
4
5
6
Snaffler.exe -s -d $domain -o snaffler.log -v data
# -s:  prints results to the console 
# -d: specifies the domain to search within
# -o: writes results to a logfile
# -v: verbosity level. "data" is best as it only displays results to the screen
# .\Snaffler.exe -s -d INLANEFREIGHT.LOCAL -o snaffler.log -v data
Last update: 2025-05-18
Created: December 27, 2024 22:00:41