BTA – Active Directory security audit framework
BTA is an open-source Active Directory security audit framework. Its goal is to help auditors harvest the information they need to answer such questions as:
- Who has rights over a given object (computer, user account, etc.)?
- Who can read a given mailbox?
- Which accounts have domain admin rights?
- Who has extended rights (userForceChangePassword, SendAs, etc.)?
- What changes were made to an AD between two points in time?
The framework is made of:
- an importer able to translate an ntds.dit file, containing all the AD data, into a database
- tools to query the database
- AD miner framework
- AD diff utility
- small utilities (list of databases, etc.)
The full set of attributes is imported and can be queried, including all schema extensions (Exchange, SharePoint, etc.).

If you use Active Directory on your network, it is important to scan for and fix vulnerabilities on an ongoing basis, and to run configuration checks with BTA to report any misconfiguration on the system.
You can read more and download BTA here: https://github.com/airbus-seclab/