PingCastle – Active Directory Security Assessment Tool

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org. PingCastle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise.

PingCastle - Get Active Directory Security at 80% in 20% of the time
PingCastle – Get Active Directory Security at 80% in 20% of the time

The tool will allow to run the following functionality:

  • healthcheck- report to have the domain risk score. The tool will collect the most important information of the Active Directory and establish an overview. Based on a model and rules, it evaluates the score of the sub-processes of the Active Directory. Then it reports the risks.
  • graph – Analyze admin groups and delegations
  • conso – Aggregate multiple reports into a single one
  • nullsession – Perform a specific security check
  • carto – Build a map of all interconnected domains. This report produce a map of all Active Directory. This map is built based on existing health check reports or when none is available, via a special mode collecting the required information as fast as possible.
  • scanner – Perform specific security checks on workstations. checking workstations for local admin privileges, open shares, startup time.

You can read more and download this tool over here: https://github.com/vletoux/pingcastle

Share