feat: Add comprehensive AD user query tool v2.0

ADModule.bat

@@ -0,0 +1,114 @@
+@echo off
+chcp 65001 >nul 2>&1
+setlocal EnableDelayedExpansion
+title ADModule - Script Manager
+cd /d "%~dp0"
+
+:MENU
+cls
+echo.
+echo =============================================
+echo        ADModule - Script Manager
+echo =============================================
+echo.
+echo   Available Scripts:
+echo.
+echo   [1] Get-ADUserInfo - Query AD user attributes
+echo       (Single user or batch processing)
+echo.
+echo   [2] Import-ActiveDirectory - Import AD module
+echo       (Load DLL for manual PowerShell use)
+echo.
+echo   [0] Exit
+echo.
+echo =============================================
+echo.
+
+set /p choice="Choose an option (0-2): "
+
+if "%choice%"=="1" goto ADUSER
+if "%choice%"=="2" goto IMPORTAD
+if "%choice%"=="0" goto EXIT
+echo.
+echo [!] Invalid option. Press any key to try again...
+pause >nul
+goto MENU
+
+:ADUSER
+cls
+echo.
+echo =============================================
+echo        Get-ADUserInfo - Options
+echo =============================================
+echo.
+echo   [1] Interactive mode (menu)
+echo.
+echo   [2] Query current logged-in user
+echo.
+echo   [3] Batch process from file
+echo.
+echo   [0] Back to main menu
+echo.
+echo =============================================
+echo.
+
+set /p subchoice="Choose an option (0-3): "
+
+if "%subchoice%"=="1" goto ADUSER_INTERACTIVE
+if "%subchoice%"=="2" goto ADUSER_CURRENT
+if "%subchoice%"=="3" goto ADUSER_BATCH
+if "%subchoice%"=="0" goto MENU
+echo.
+echo [!] Invalid option. Press any key to try again...
+pause >nul
+goto ADUSER
+
+:ADUSER_INTERACTIVE
+cls
+powershell.exe -ExecutionPolicy Bypass -NoProfile -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; & '.\scripts\Get-ADUserInfo.ps1'"
+echo.
+pause
+goto MENU
+
+:ADUSER_CURRENT
+cls
+powershell.exe -ExecutionPolicy Bypass -NoProfile -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; & '.\scripts\Get-ADUserInfo.ps1' -SamAccountName $env:USERNAME -NoMenu"
+echo.
+pause
+goto MENU
+
+:ADUSER_BATCH
+cls
+powershell.exe -ExecutionPolicy Bypass -NoProfile -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; $script = '.\scripts\Get-ADUserInfo.ps1'; & $script -BatchFile '' -BatchOutput ''"
+echo.
+pause
+goto MENU
+
+:IMPORTAD
+cls
+echo.
+echo =============================================
+echo    Import-ActiveDirectory - PowerShell
+echo =============================================
+echo.
+echo   This will open a PowerShell session with
+echo   the Active Directory module loaded.
+echo.
+echo   You can use AD cmdlets like:
+echo     - Get-ADUser
+echo     - Get-ADGroup
+echo     - Get-ADComputer
+echo.
+echo =============================================
+echo.
+echo Press any key to start PowerShell session...
+pause >nul
+cls
+powershell.exe -ExecutionPolicy Bypass -NoProfile -NoExit -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8; & '.\scripts\Import-ActiveDirectory.ps1'; Write-Host ''; Write-Host '[+] AD Module loaded. You can now use Get-ADUser, Get-ADGroup, etc.' -ForegroundColor Green; Write-Host ''"
+goto MENU
+
+:EXIT
+echo.
+echo Exiting...
+endlocal
+exit /b 0

README.md

@@ -1,36 +1,176 @@
 # ADModule
-Microsoft signed DLL for the ActiveDirectory PowerShell module
 
-Just a backup for the Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT and module installed. The DLL is usually found at this path: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.ActiveDirectory.Management
+Microsoft signed DLL for the ActiveDirectory PowerShell module.
 
-and the rest of the module files at this path:
-C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory\
+> **Enhanced by [@GuilhermeP96](https://github.com/GuilhermeP96)** - Added interactive tools, batch processing, and script manager.
 
-## Usage
-You can copy this DLL to your machine and use it to enumerate Active Directory without installing RSAT and without having administrative privileges. 
+## Overview
 
-PS C:\\> Import-Module C:\ADModule\Microsoft.ActiveDirectory.Management.dll -Verbose
-![Alt text](/img/AD_Module.png?raw=true "ADModule")
+This is a backup of Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT. The DLL allows you to enumerate Active Directory **without installing RSAT** and **without administrative privileges**.
 
-You can also use the Import-ActiveDirectory.ps1 (Thanks to PR by @D1iv3) to load the script using download-execute cradles and without writing the DLL to disk:
+### Original Paths
+- DLL: `C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.ActiveDirectory.Management`
+- Module: `C:\Windows\System32\WindowsPowerShell\v1.0\Modules\ActiveDirectory\`
 
-PS C:\\> iex (new-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/samratashok/ADModule/master/Import-ActiveDirectory.ps1');Import-ActiveDirectory
-![Alt text](/img/AD_Module_Array.png?raw=true "ADModule_Array")
+## Project Structure
 
+```
+ADModule/
+├── ADModule.bat                              # Script Manager (main entry point)
+├── Microsoft.ActiveDirectory.Management.dll  # Microsoft signed AD DLL
+├── ActiveDirectory/                          # Full AD module files
+│   └── ActiveDirectory.psd1
+├── scripts/
+│   ├── Get-ADUserInfo.ps1                    # AD user query tool
+│   └── Import-ActiveDirectory.ps1            # Module loader
+├── img/
+└── README.md
+```
 
-To be able to list all the cmdlets in the module, import the module as well. Remember to import the DLL first. 
+## Quick Start
 
-PS C:\\> Import-Module C:\ADModule\Microsoft.ActiveDirectory.Management.dll -Verbose
+### Option 1: Script Manager (Recommended)
+Double-click `ADModule.bat` to open the interactive menu:
 
-PS C:\\> Import-Module C:\AD\Tools\ADModule\ActiveDirectory\ActiveDirectory.psd1
+```
+=============================================
+       ADModule - Script Manager
+=============================================
 
-PS C:\\> Get-Command -Module ActiveDirectory
+  [1] Get-ADUserInfo - Query AD user attributes
+  [2] Import-ActiveDirectory - Import AD module
+  [0] Exit
+```
+
+### Option 2: Direct PowerShell Usage
+```powershell
+# Import the DLL
+Import-Module .\Microsoft.ActiveDirectory.Management.dll -Verbose
+
+# Import full module (for all cmdlets)
+Import-Module .\ActiveDirectory\ActiveDirectory.psd1
+
+# List available commands
+Get-Command -Module ActiveDirectory
+```
+
+## Features
+
+### Get-ADUserInfo.ps1
+Interactive tool to query AD user information with multiple features:
+
+#### Parameters
+| Parameter | Description |
+|-----------|-------------|
+| `-SamAccountName` | User login/username to query |
+| `-Domain` | AD domain (auto-detected if not specified) |
+| `-NoMenu` | Skip interactive menus (direct mode) |
+| `-AllFields` | Display all AD attributes |
+| `-ExportCsv` | Export data to CSV file |
+| `-ExportPhoto` | Export user's profile photo |
+| `-BatchFile` | Input file with user list for batch processing |
+| `-BatchOutput` | Output CSV path for batch processing |
+
+#### Usage Examples
+
+```powershell
+# Interactive mode (recommended)
+.\scripts\Get-ADUserInfo.ps1
+
+# Query specific user
+.\scripts\Get-ADUserInfo.ps1 -SamAccountName "john.doe" -NoMenu
+
+# Show ALL fields (all attributes)
+.\scripts\Get-ADUserInfo.ps1 -SamAccountName "john.doe" -AllFields
+
+# Export to CSV
+.\scripts\Get-ADUserInfo.ps1 -SamAccountName "john.doe" -ExportCsv "C:\temp\user.csv"
+
+# Batch processing (multiple users)
+.\scripts\Get-ADUserInfo.ps1 -BatchFile "C:\users.txt" -BatchOutput "C:\export.csv"
+
+# Multi-domain support
+.\scripts\Get-ADUserInfo.ps1 -Domain "domain1.local,domain2.corp"
+```
+
+#### Batch Processing
+The batch mode accepts text files with users in any of these formats:
+- One user per line
+- Comma-separated: `user1,user2,user3`
+- Semicolon-separated: `user1;user2;user3`
+
+When running batch mode interactively, native Windows file dialogs are used (with CLI fallback if GUI is unavailable).
+
+#### Output Formats
+1. **Summary** - Main fields organized by category (Identification, Organization, Contact, Address, Account Status, AD Location, Groups)
+2. **All Fields** - Complete dump of all AD attributes with expanded arrays
+3. **CSV Export** - All data exported to CSV file
+4. **Photo Export** - User's profile photo (thumbnailPhoto or jpegPhoto)
+
+### Import-ActiveDirectory.ps1
+Loads the AD module for manual PowerShell usage. Supports:
+- Loading from DLL on disk
+- Loading from embedded byte array (for download-execute cradles)
+
+```powershell
+# Load from script
+.\scripts\Import-ActiveDirectory.ps1
+
+# Or with custom DLL path
+Import-ActiveDirectory -ActiveDirectoryModule "C:\path\to\dll"
+```
 
 ## Benefits
-There are many benefits like very low chances of detection by AV, very wide coverage by cmdlets, good filters for cmdlets, signed by Microsoft etc. The most useful one, however, is that this module works flawlessly from PowerShell's Constrained Language Mode
-![Alt text](/img/AD_Module_CLM.png?raw=true "ADModule in CLM")
 
+- **No RSAT required** - Works without Remote Server Administration Tools
+- **No admin privileges** - Run as standard user
+- **Microsoft signed** - Very low AV detection
+- **CLM compatible** - Works in PowerShell Constrained Language Mode
+- **Auto domain detection** - Automatically finds your AD domain
+- **Multi-domain support** - Query multiple domains
+- **Batch processing** - Process hundreds of users at once
+- **GUI file dialogs** - Native Windows dialogs with CLI fallback
+
+## Screenshots
+
+### ADModule Import
+![ADModule](img/AD_Module.png?raw=true "ADModule")
+
+### ADModule Array (Download-Execute)
+![ADModule_Array](img/AD_Module_Array.png?raw=true "ADModule_Array")
+
+### Constrained Language Mode
+![ADModule in CLM](img/AD_Module_CLM.png?raw=true "ADModule in CLM")
+
+## Credits
+
+- **Original Author**: [Samrat Ashok](https://github.com/samratashok) ([@intikitten](https://twitter.com/intikitten))
+- **Import-ActiveDirectory.ps1**: [@D1iv3](https://github.com/samratashok/ADModule/pull/1)
+- **Enhanced Scripts & Tools**: [@GuilhermeP96](https://github.com/GuilhermeP96)
+
+## Links
+
+- **Original Repository**: https://github.com/samratashok/ADModule
+- **Blog Post**: https://www.labofapenetrationtester.com/2018/10/domain-enumeration-from-PowerShell-CLM.html
+
+## Changelog
 
+### v2.0.0 (2026-01-06) - @GuilhermeP96
+- Added `Get-ADUserInfo.ps1` - Interactive AD user query tool
+- Added `ADModule.bat` - Script manager with menu system
+- Reorganized project structure (scripts in `/scripts` folder)
+- Features added:
+  - Interactive menus for user selection and output format
+  - Automatic domain detection (3 methods + manual fallback)
+  - Multi-domain support
+  - Batch processing with GUI file dialogs
+  - All fields display (all attributes with array expansion)
+  - CSV export functionality
+  - Profile photo export (thumbnailPhoto/jpegPhoto)
+  - UTF-8 encoding support
+  - English localization
 
-## Blog 
-https://www.labofapenetrationtester.com/2018/10/domain-enumeration-from-PowerShell-CLM.html
+### v1.0.0 - Original
+- Microsoft.ActiveDirectory.Management.dll
+- Import-ActiveDirectory.ps1
+- ActiveDirectory module files