# Unconstrained Delegation

NetExec allows you to retrieve the list of all computers and users with the flag **TRUSTED\_FOR\_DELEGATION**

```bash
nxc ldap 192.168.0.104 -u harry -p pass --trusted-for-delegation
```

### Alternatives Tools

{% embed url="<https://github.com/ropnop/windapsearch>" %}

{% embed url="<https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1>" %}

### Resources:

{% embed url="<https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf>" %}

{% embed url="<https://beta.hackndo.com/unconstrained-delegation-attack/>" %}

{% embed url="<https://dirkjanm.io/krbrelayx-unconstrained-delegation-abuse-toolkit/>" %}

{% embed url="<https://posts.specterops.io/hunting-in-active-directory-unconstrained-delegation-forests-trusts-71f2b33688e1>" %}