ADProbe Vulnerability Script

ADProbe is a comprehensive tool designed to scan and identify vulnerabilities, misconfigurations, and persistent threats within Active Directory environments. It helps administrators secure their infrastructure by providing detailed insights and actionable recommendations based on industry best practices and standards.

Features:

Comprehensive Scanning: Thoroughly scans Active Directory for a wide range of vulnerabilities and misconfigurations.

Detailed Reporting: Provides detailed descriptions and recommendations for each identified issue.

Persistent Threat Detection: Identifies and reports on persistent threats and potential backdoors within the environment.

Best Practices Compliance: Ensures compliance with CIS Benchmarks and other security best practices.

Regular Updates: Keeps up-to-date with the latest security threats and mitigation techniques.

Categories:

Active Directory - Vulnerabilities

Account Lockout and Password Policy

Accounts with Old Passwords

Active Directory Certification Services (ESC1 to ESC8)

Azure Active Directory SSO Account

Computers with Default Password

Constrained Delegation

DNS Dynamic Updates

Editable GPOs

GPO Link Permission

Inactive but Enabled Users

Kerberos Encryption

LAPS (Local Administrator Password Solution)

LDAP Signing

Machines Out of Date

NTLM

Passwords in Policies

Pre-Windows 2000 Compatible Access Group

Protected Users

Read-Only Domain Controller Groups

Resource Based Constrained Delegation

Service Accounts with AdminCount Attribute

SMB

Trusts

Unconstrained Delegation

AdminCount Attribute

Bad Password Count

Disabled Kerberos Preauthentication

Do Not Require a Password

Kerberos DES Enabled

Password in Description

Password Never Expires

Password Stored Using Reversible Encryption

Service Principal Name

Active Directory - Persistent Methods

Active Directory Recent Objects

AdminSDHolder

DCShadow Computer

DCShadow Privilege

DCSync Privilege

Domain Controllers

Hidden Objects

KRBTGT Account

Privileged Groups

Shadow Principals

SIDHistory

User Accounts with Modified Primary Group

Windows Infrastructure Security Course

Ready to dive into the world of cybersecurity within Windows environments? Look no further! Our Windows Infrastructure Security course offers in-depth insights into Windows Operating Systems and Active Directory, all from a cybersecurity perspective.