Ping Castle: assess quickly the Active Directory security level
Ping Castle
The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org.
Ping Castle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise.
The tool will allow running the following functionality:
- healthcheck- report having the domain risk score. The tool will collect the most important information of the Active Directory and establish an overview. Based on a model and rules, it evaluates the score of the sub-processes of the Active Directory. Then it reports the risks.
- graph – Analyze admin groups and delegations
- conso – Aggregate multiple reports into a single one
- nullsession – Perform a specific security check
- carto – Build a map of all interconnected domains. This report produces a map of all Active Directory. This map is built based on existing health check reports or when none is available, via a special mode collecting the required information as fast as possible.
- Scanners – Perform specific security checks on workstations. checking workstations for local admin privileges, open shares, and startup time.
