PingCastle – Active Directory security scanner

PingCastle has a free edition (requires installation and .NET Framework 3.5).

This tool scans AD for a variety of security issues, including an old krbtgt password, admin accounts that are not in the protected group or that allow delegation (reuse of Kerberos tickets), control paths that let unprivileged users gain privileges (by hopping through groups/delegations), vulnerable schema classes, DES enabled on accounts, orphaned SIDs still in security groups, and non-existent computers with active accounts. And the list goes on.

Highly recommended, and free for internal/personal use.

https://www.pingcastle.com/

Password strength check for AD, which also checks for breached passwords

Enzoic Console Light runs on a local domain-joined computer to check AD for weak passwords, recycled passwords (e.g. for domain user/domain admin pairs on the IT team) and passwords included in disclosed breaches.

The first 10 characters of the password hash are compared with the online database. Any matches are downloaded for local comparison, meaning the full password hash does not leave the network.
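The prefix lookup described above, sketched as an added example (this is not Enzoic's code or API). SHA-256 stands in for whatever hash the product uses, and `BreachService`, `audit` and the sample accounts are hypothetical names and data constructed for illustration.

```python
import hashlib

PREFIX_LEN = 10  # hex characters sent to the service, per the text above

def hash_hex(password):
    # Assumption: SHA-256 stands in for whatever hash the product really uses.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

class BreachService:
    """Constructed stand-in for the online database; it only ever sees prefixes."""
    def __init__(self, breached_passwords):
        self.buckets = {}        # prefix -> set of full breached hashes
        self.seen_queries = []   # everything that "left the network"
        for pw in breached_passwords:
            h = hash_hex(pw)
            self.buckets.setdefault(h[:PREFIX_LEN], set()).add(h)

    def candidates(self, prefix):
        if len(prefix) != PREFIX_LEN:
            raise ValueError("expected a %d-character prefix" % PREFIX_LEN)
        self.seen_queries.append(prefix)
        return set(self.buckets.get(prefix, ()))

def audit(accounts, service):
    """accounts maps name -> full hash (hex). Returns sorted names with breached hashes."""
    flagged = []
    for name, full_hash in accounts.items():
        remote = service.candidates(full_hash[:PREFIX_LEN])
        if full_hash in remote:  # the full comparison happens locally
            flagged.append(name)
    return sorted(flagged)

# Constructed sample data, not real accounts or breach records.
SERVICE = BreachService(["Password1", "Summer2023!", "qwerty"])
ACCOUNTS = {
    "alice": hash_hex("Password1"),
    "bob": hash_hex("c0rrect-horse-battery"),
    "svc_backup": hash_hex("qwerty"),
}
# Edge case: same 10-character prefix as a breached hash, different remainder.
_h = hash_hex("Summer2023!")
ACCOUNTS["carol"] = _h[:PREFIX_LEN] + "0" * (len(_h) - PREFIX_LEN)

if __name__ == "__main__":
    print("breached:", audit(ACCOUNTS, SERVICE))
    print("sent to service:", SERVICE.seen_queries)
```

A prefix hit alone is not a finding: `carol` shares a prefix with a breached hash but is only flagged if the full hash matches locally.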

The free version will give a simple report when run, with paid versions running resident for continual checking.

Nice handy tool!

http://www.enzoic.com/