ADProbe Vulnerability Script


Get a fast, no-nonsense snapshot of your Active Directory risks.


ADProbe is a PowerShell-based assessment script that scans your AD environment and highlights vulnerabilities, persistence methods, misconfigurations, and exposure points.

Built for Windows infrastructure defenders, it gives you a categorized report (HTML) that surfaces what attackers love: legacy protocols, bad delegation configs, stale objects, and credential exposure risks.

You won’t get dashboards or step-by-step remediation here — just direct answers to what’s wrong, where, and why it matters.

What it Checks:
✔ Vulnerabilities – From weak password policies to exposed LDAP or NTLM settings
✔ Persistence Methods – Detects things like DCSync rights, hidden objects, and SID history abuse
✔ Common Misconfigs – Insecure GPOs, unconstrained delegation, inactive users, etc.
✔ ESCM & PKI Issues – Scans for common CA weaknesses like ESC1–ESC8 paths


Who It’s For:
Windows SysAdmins, AD Engineers, Blue Teamers
Looking for a fast security snapshot of their domain
Want to validate what’s actually risky, not just “recommended settings”

Run it. Check the report. Fix what matters.
No install. No fluff. Just signal.

Checks: