ADProbe Vulnerability Script
ADProbe is a powerful security assessment tool designed to uncover vulnerabilities, misconfigurations, and persistent threats in Active Directory environments. It provides security engineers and administrators with clear, actionable insights to strengthen their AD security posture.
Features:
✔️𝗖𝗼𝗺𝗽𝗿𝗲𝗵𝗲𝗻𝘀𝗶𝘃𝗲 𝗔𝗗 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗦𝗰𝗮𝗻 – Detects vulnerabilities, misconfigurations, and potential attack paths.
✔️𝗔𝗰𝘁𝗶𝗼𝗻𝗮𝗯𝗹𝗲 𝗥𝗲𝗽𝗼𝗿𝘁𝘀 – Provides clear explanations, security risk levels, and step-by-step remediation guidance.
✔️𝗣𝗲𝗿𝘀𝗶𝘀𝘁𝗲𝗻𝘁 𝗧𝗵𝗿𝗲𝗮𝘁 𝗗𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻 – Identifies hidden backdoors, compromised accounts, and security gaps attackers exploit.
✔️𝗕𝗲𝘀𝘁 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲𝘀 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 – Helps align your environment with CIS Benchmarks and industry security standards.
✔️𝗥𝗲𝗴𝘂𝗹𝗮𝗿 𝗨𝗽𝗱𝗮𝘁𝗲𝘀 – Keeps up-to-date with the latest security threats and mitigation techniques.
Checks:
Active Directory - Vulnerabilities
Account Lockout and Password Policy
Accounts with Old Passwords
Active Directory Certification Services (ESC1 to ESC8)
Azure Active Directory SSO Account
Computers with Default Password
Constrained Delegation
DNS Dynamic Updates
Editable GPOs
GPO Link Permission
Inactive but Enabled Users
Kerberos Encryption
LAPS (Local Administrator Password Solution)
LDAP Signing
Machines Out of Date
NTLM
Passwords in Policies
Pre-Windows 2000 Compatible Access Group
Protected Users
Read-Only Domain Controller Groups
Resource Based Constrained Delegation
Service Accounts with AdminCount Attribute
SMB
Trusts
Unconstrained Delegation
AdminCount Attribute
Bad Password Count
Disabled Kerberos Preauthentication
Do Not Require a Password
Kerberos DES Enabled
Password in Description
Password Never Expires
Password Stored Using Reversible Encryption
Service Principal Name
Active Directory - Persistent Methods
Active Directory Recent Objects
AdminSDHolder
DCShadow Computer
DCShadow Privilege
DCSync Privilege
Domain Controllers
Hidden Objects
KRBTGT Account
Privileged Groups
Shadow Principals
SIDHistory
User Accounts with Modified Primary Group
