diff --git a/README.md b/README.md
index 1f50512..870e413 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,12 @@ The listing below details the CLI arguments SharpHound supports. Additional deta
 
   --ldappassword             Password for LDAP
 
+  --ldapenvusername          Username for LDAP stored in a defined environment variable (argument takes the environment variable as input)
+
+  --ldapenvpassword          Password for LDAP stored in a defined environment variable (argument takes the environment variable as input)
+
+  --ldapcredentialsjsonpath  Path argument for a json file containing {"Username": "xxxx", "Password": "xxxx"} to be used instead of --ldapusername and --ldappassword
+
   --domaincontroller         Override domain controller to pull LDAP from. This option can result in data loss
 
   --ldapport                 (Default: 0) Override port for LDAP
diff --git a/src/JsonExtensions.cs b/src/JsonExtensions.cs
index 125e88f..075dba5 100644
--- a/src/JsonExtensions.cs
+++ b/src/JsonExtensions.cs
@@ -8,6 +8,12 @@
 
 namespace Sharphound
 {
+
+    public class Credentials
+    {
+        public string Username { get; set; }
+        public string Password { get; set; }
+    }
     public class CacheContractResolver : DefaultContractResolver
     {
         private static readonly CacheContractResolver Instance = new();
diff --git a/src/Options.cs b/src/Options.cs
index 9b4ca53..6e11e91 100644
--- a/src/Options.cs
+++ b/src/Options.cs
@@ -78,6 +78,15 @@ public class Options
         [Option(HelpText = "Password for LDAP", Default = null)]
         public string LDAPPassword { get; set; }
 
+        [Option(HelpText = "Path to Json file containing username/password", Default = null)]
+        public string LDAPCredentialJsonPath { get; set; }
+
+        [Option(HelpText = "Enviroment variable name for LDAP Username", Default = null)]
+        public string LDAPEnvUsername { get; set; }
+
+        [Option(HelpText = "Enviroment variable name for LDAP Password", Default = null)]
+        public string LDAPEnvPassword { get; set; }
+
         [Option(HelpText = "Do the session enumeration with local admin credentials instead of domain credentials", Default = false)]
         public bool DoLocalAdminSessionEnum { get; set; }
 
diff --git a/src/Sharphound.cs b/src/Sharphound.cs
index db87f3f..e563c1f 100644
--- a/src/Sharphound.cs
+++ b/src/Sharphound.cs
@@ -451,6 +451,26 @@ await options.WithParsedAsync(async options => {
 
                     if (options.DomainController != null) ldapOptions.Server = options.DomainController;
 
+                    if (options.LDAPCredentialJsonPath != null) {
+                        string json = File.ReadAllText(options.LDAPCredentialJsonPath);
+                        Credentials ldapCreds = JsonConvert.DeserializeObject<Credentials>(json);
+                        ldapOptions.Username = ldapCreds.Username;
+                        ldapOptions.Password = ldapCreds.Password;
+                    }
+                    
+                    if (options.LDAPEnvUsername != null) {
+                        if (options.LDAPEnvPassword == null) {
+                            logger.LogError("You must specify LDAPEnvPassword if using the LDAPEnvUsername options");
+                            return;
+                        }
+
+                        string EnvUsername = Environment.GetEnvironmentVariable(options.LDAPEnvUsername);
+                        string EnvPassword = Environment.GetEnvironmentVariable(options.LDAPEnvPassword);
+
+                        ldapOptions.Username = EnvUsername;
+                        ldapOptions.Password = EnvPassword;
+                    }
+
                     if (options.LDAPUsername != null) {
                         if (options.LDAPPassword == null) {
                             logger.LogError("You must specify LDAPPassword if using the LDAPUsername options");