Ping Castle

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org.

Ping Castle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise.

The tool will allow running the following functionality:

• healthcheck- report having the domain risk score. The tool will collect the most important information of the Active Directory and establish an overview. Based on a model and rules, it evaluates the score of the sub-processes of the Active Directory. Then it reports the risks.
• graph – Analyze admin groups and delegations
• conso – Aggregate multiple reports into a single one
• nullsession – Perform a specific security check
• carto – Build a map of all interconnected domains. This report produces a map of all Active Directory. This map is built based on existing health check reports or when none is available, via a special mode collecting the required information as fast as possible.
• scanner – Perform specific security checks on workstations. checking workstations for local admin privileges, open shares, startup time.

Changelog v2.7.1.0

* update the TGT delegation algorithm after the July update (new flag CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION)

Download & Use

Author: Vincent LE TOUX (vincent.letoux@gmail.com)