Documentation Index
Fetch the complete documentation index at: https://mintlify.com/the-useless-one/pywerview/llms.txt
Use this file to discover all available pages before exploring further.
get-netdomaintrust queries Active Directory via LDAP for all trustedDomain objects, revealing the trust relationships a domain maintains with other domains or forests. By default the command returns a focused subset of trust attributes — trustPartner, trustDirection, whenCreated, whenChanged, trustType, trustAttributes, and securityIdentifier — giving you a concise picture of each relationship without noise. Pass --full-data to retrieve every available LDAP attribute on the trust object, which is useful when investigating trust flags, SID filtering settings, or selective authentication configurations during a cross-domain attack path analysis.
Global Flags
IP address of the Domain Controller to target.
Name of the domain used for authentication (e.g.
contoso.com).Username to authenticate with against the Domain Controller.
Password associated with the specified username.
NTLM hashes for pass-the-hash authentication. Format:
[LMHASH:]NTHASH.Use Kerberos authentication. Credentials are read from the
KRB5CCNAME ccache file; falls back to command-line credentials if no valid ticket is found.Force a TLS-encrypted connection to the Domain Controller.
Path to the certificate file to use for authentication.
Path to the private key file associated with the certificate.
Force SIMPLE LDAP authentication instead of the default SASL/NTLM binding.
Logging verbosity. Choices:
CRITICAL (default), WARNING, DEBUG, ULTRA.Print results in JSON format instead of the default tabular output.
Command Flags
Domain to query for trust relationships. Defaults to the domain supplied by
-w if omitted.Return all available LDAP attributes for each trust object instead of the default subset (
trustPartner, trustDirection, whenCreated, whenChanged, trustType, trustAttributes, securityIdentifier).