Create scan-for-vulns-and-infos.md for LDAP

[termanix]

On the LDAP side, having the modules for Scan and Check together provides a more organized and tidy view. There is no congestion in the list on the left.

If it's okay @NeffIsBack I will remove some get-user-descriptions.md, get-network.md etc.

They will all be gathered in one place, Like scan-for-vulnerabilities.md in SMB.

[NeffIsBack]

Hi,
not sure about this one. These are all not "vulnerabilities", but rather missconfigurations. Also most of them are already documented, e.g. maq or extract subnets.
We should probably just group them similar to the SMB section into enumeration/obtaining credentials and other categories that fit well

[Marshall-Hallenbeck]

Hi, not sure about this one. These are all not "vulnerabilities", but rather missconfigurations. Also most of them are already documented, e.g. maq or extract subnets. We should probably just group them similar to the SMB section into enumeration/obtaining credentials and other categories that fit well

Misconfigurations are vulnerabilities, but I agree that if they're already documented, maybe we should just have a "top level" page that links to each module with a quick snippet about what it does? Similar to if you do -L to list modules, it'll make it easier to find what you're looking for.

We could also have a "low hanging fruit" or "common issues" to outline some easy wins people can run right away, which is what this PR seems to be trying to do.

[NeffIsBack]

Hi, not sure about this one. These are all not "vulnerabilities", but rather missconfigurations. Also most of them are already documented, e.g. maq or extract subnets. We should probably just group them similar to the SMB section into enumeration/obtaining credentials and other categories that fit well

Misconfigurations are vulnerabilities,

Well, that depends on how you define a "vulnerability". A missconfiguration for me is when you e.g. assign dcsync privs to a low priv user. A vulnerability is when you find Zerologon or EternalBlue on a vulnerable host.

but I agree that if they're already documented, maybe we should just have a "top level" page that links to each module with a quick snippet about what it does? Similar to if you do -L to list modules, it'll make it easier to find what you're looking for.

Yeah that what i meant with "grouping by the categories Enumeration and Obtaining Credentials just like we have it in the SMB protocol. That way we have a similar structure for both protocols.