Kerberos.NET
A Kerberos implementation built entirely in managed code. (by dotnet)
pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time (by vletoux)
Kerberos.NET | pingcastle | |
---|---|---|
1 | 16 | |
500 | 2,115 | |
2.0% | - | |
7.7 | 5.6 | |
3 months ago | 2 months ago | |
C# | C# | |
MIT License | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Kerberos.NET
Posts with mentions or reviews of Kerberos.NET.
We have used some of these posts to build our list of alternatives
and similar projects.
-
Can someone explain how Services/Service Principal Names work in AD?
The mapping of Windows Services to SPNs is a bit lopsided. There's only a handful of SPNs on any given computer object, but that's okay because there's a special SPN called host/computername that is a catch-all. There's a mapping of 50 or so service types mapped to host so when you ask for say fax/computername, AD will treat that as a search 'find me fax/computername OR find me host/computername'. There's an official list on docs somewhere (can't find it), but here's a mapping I created from that official list. All of this lopsidedness works because the local services are running as local system or network service, and therefore use the computer account.
pingcastle
Posts with mentions or reviews of pingcastle.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-12-05.
-
Open source vulnerability scanner
I use OpenVas (on Kali) and PingCastle (on Windows).
-
PingCastle and Active Directory hardening
Hi! I just ran PingCastle and I got two major issues:
-
Server 2016 - Enterprise Key Admins GPO linking delegation at the domain level & the domain controller OU level
You can also run these types of assessments yourself using tools such as - https://www.purple-knight.com/ - and - https://www.pingcastle.com - both will provide very detailed reports and steps for remediation.
- Specific user account breaks any computers domain connection is logs into... Stumped!
-
AD security post ransomware :(
https://www.pingcastle.com/ (free open source tool)
-
Active Directory Security Tools
PingCastle - the OG AD hygiene scanner - https://www.pingcastle.com/
-
Resetting Password permissions
Create a security group and delegate permissions to that. I suggest you get a copy of Ping Castle and do an AD scan and figure out what else is misconfigured. https://www.pingcastle.com/
-
Azure AD auditing tools
Try PingCastle ! The easiest and gives you lot of info + remmediation
- Domain Admin Security Training
- Best solutions to check rights, access and general security
What are some alternatives?
When comparing Kerberos.NET and pingcastle you can also consider the following projects:
nsspi - A C# / .Net interface to the Win32 SSPI authentication API
BloodHound - Six Degrees of Domain Admin
MQTTnet - MQTTnet is a high performance .NET library for MQTT based communication. It provides a MQTT client and a MQTT server (broker). The implementation is based on the documentation from http://mqtt.org/.
access-manager - Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly way.