• Stars
    star
    2,140
  • Rank 21,562 (Top 0.5 %)
  • Language
    C#
  • License
    Other
  • Created over 6 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PingCastle - Get Active Directory Security at 80% in 20% of the time

Ping Castle

Introduction

The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org.

Ping Castle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment and a maturity framework. It does not aim at a perfect evaluation but rather as an efficiency compromise.

  \==--O___      PingCastle (Version 3.0.0.3     4/18/2023 7:25:24 PM)
   \  / \  "">   Get Active Directory Security at 80% in 20% of the time
    \/   \ ,'    End of support: 7/31/2024
     O"---O
      \ ,'       Vincent LE TOUX ([email protected])
       v         twitter: @mysmartlogon       https://www.pingcastle.com
What do you want to do?
=======================
Using interactive mode.
Do not forget that there are other command line switches like --help that you can use
  1-healthcheck-Score the risk of a domain
  2-azuread    -Score the risk of AzureAD
  3-conso      -Aggregate multiple reports into a single one
  4-carto      -Build a map of all interconnected domains
  5-scanner    -Perform specific security checks on workstations
  6-export     -Export users or computers
  7-advanced   -Open the advanced menu
  0-Exit
==============================
This is the main functionnality of PingCastle. In a matter of minutes, it produces a report which will give you an overview of your Active Directory security. This report can be generated on other domains by using the existing trust links.

Check https://www.pingcastle.com for the documentation and methodology

Build

PingCastle is a c# project which can be build from Visual Studio 2012 to Visual Studio 2022

Support & lifecycle

For support requests, you should contact [email protected] The support for the basic edition is made on a best effort basis and fixes delivered when a new version is delivered.

The Basic Edition of PingCastle is released every 6 months (January, August) and this repository is updated at each release.

If you need changes, please contact [email protected] for support packages.

License

PingCastle source code is licensed under a proprietary license and the Non-Profit Open Software License ("Non-Profit OSL") 3.0.

Except if a license is purchased, you are not allowed to make any profit from this source code. To be more specific:

  • It is allowed to run PingCastle without purchasing any license on for profit companies if the company itself (or its ITSM provider) run it.
  • To build services based on PingCastle AND earning money from that, you MUST purchase a license.

Ping Castle uses the following Open source components:

Author

Author: Vincent LE TOUX

You can contact me at [email protected]

More Repositories

1

MakeMeEnterpriseAdmin

PowerShell
251
star
2

SpoolerScanner

Check if MS-RPRN is remotely available with powershell/c#
PowerShell
173
star
3

NTLMInjector

In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)
PowerShell
162
star
4

PingCastleCloud

Audit program for AzureAD
C#
144
star
5

SmbScanner

Smb Scanner from PingCastle
PowerShell
118
star
6

GidsApplet

Generic Identity Device Specification Applet
Java
101
star
7

ms17-010-Scanner

PowerShell
59
star
8

DetectPasswordViaNTLMInFlow

Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test passwords
C++
57
star
9

TestAntivirus

Test if an antivirus is installed via the resolution of the service virtual SID
PowerShell
54
star
10

Bluekeep-scanner

BlueKeep powershell scanner (based on c# code)
PowerShell
40
star
11

OpenPGP-CSP

A CSP for the OpenPGP card - goal: add write support for certificate enrollment
C++
37
star
12

RPCForSMBLibrary

Extension of SMBLibrary for RPC calls
C#
33
star
13

OxidBindings

Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
PowerShell
24
star
14

ADSecrets

Set of ultra technical notes about AD
C#
18
star
15

openpgpmdrv

OpenPGP smart card minidriver
C
10
star
16

SubAuth

Sub Authentication package (for the talk you "try" to detect mimikatz)
C++
5
star
17

Cyrating2TH

Cyrating Reputation alert importer for TheHive, an Open Source and Free Security Incident Response Platform
Python
5
star
18

PingCastlePatrOwl

An Engine for PatrOwl allowing to run PingCastle scans
C#
4
star
19

PINSniff

capture smart card pin via a filter driver (demo of you "try" to detect mimikatz)
C
3
star
20

PingCastlePowerBIConnector

PowerBI Connector for PingCastle Enterprise
2
star
21

conferences

1
star
22

ExploitIncomingForestTrustBuilder

C++
1
star