The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org. PingCastle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise.
The tool will allow to run the following functionality:
- healthcheck- report to have the domain risk score. The tool will collect the most important information of the Active Directory and establish an overview. Based on a model and rules, it evaluates the score of the sub-processes of the Active Directory. Then it reports the risks.
- graph – Analyze admin groups and delegations
- conso – Aggregate multiple reports into a single one
- nullsession – Perform a specific security check
- carto – Build a map of all interconnected domains. This report produce a map of all Active Directory. This map is built based on existing health check reports or when none is available, via a special mode collecting the required information as fast as possible.
- scanner – Perform specific security checks on workstations. checking workstations for local admin privileges, open shares, startup time.
You can read more and download this tool over here: https://github.com/vletoux/pingcastle