pingcastle
New-KrbtgtKeys.ps1
pingcastle | New-KrbtgtKeys.ps1 | |
---|---|---|
16 | 15 | |
2,129 | 347 | |
- | - | |
5.6 | 0.0 | |
2 months ago | 2 months ago | |
C# | PowerShell | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pingcastle
-
Open source vulnerability scanner
I use OpenVas (on Kali) and PingCastle (on Windows).
-
PingCastle and Active Directory hardening
Hi! I just ran PingCastle and I got two major issues:
-
Server 2016 - Enterprise Key Admins GPO linking delegation at the domain level & the domain controller OU level
You can also run these types of assessments yourself using tools such as - https://www.purple-knight.com/ - and - https://www.pingcastle.com - both will provide very detailed reports and steps for remediation.
- Specific user account breaks any computers domain connection is logs into... Stumped!
-
AD security post ransomware :(
https://www.pingcastle.com/ (free open source tool)
-
Active Directory Security Tools
PingCastle - the OG AD hygiene scanner - https://www.pingcastle.com/
-
Resetting Password permissions
Create a security group and delegate permissions to that. I suggest you get a copy of Ping Castle and do an AD scan and figure out what else is misconfigured. https://www.pingcastle.com/
-
Azure AD auditing tools
Try PingCastle ! The easiest and gives you lot of info + remmediation
- Domain Admin Security Training
- Best solutions to check rights, access and general security
New-KrbtgtKeys.ps1
-
Disabling RC4 Kerberos Encryption Type in your AD
You should start rotating your krbtgt password (example script), if you haven't done so. You'll break everything if it's never been rotated. At least twice with a minimum of a day in-between. Never rotate twice under 10 hours or you'll break a lot.
-
Taking over from hostile IT - One man IT shop who holds the keys to the kingdom
This is critical. Most AD domains never change this password, so if the domain's been around since Windows 2000, that's a lot of opportunity for someone to pick up and use it to grant themselves any access. Often the reason for not doing so is the havoc it can cause if you have a huge worldwide domain with hundreds of DCs and some don't get the replicated password change before you do it a second time. Microsoft has a tool that minimizes this risk.
-
Password change for KRBTGT account in Cyberark
You would likely need a PowerShell plugin, via TPC, that uses this Microsoft script: https://www.microsoft.com/en-us/security/blog/2015/02/11/krbtgt-account-password-reset-scripts-now-available-for-customers/ . Though the script appears to be gone from MSFT, and can be found here: https://github.com/microsoft/New-KrbtgtKeys.ps1/blob/master/New-KrbtgtKeys.ps1 . Though Msft might have gotten their script originally from this author: Jorge de Almeida Pinto - more updated script here: https://github.com/zjorz/Public-AD-Scripts/blob/master/Reset-KrbTgt-Password-For-RWDCs-And-RODCs.ps1
-
PingCastle and Active Directory hardening
The first is about last change of the Kerberos password. Can I safely change such password with this script? Honestly I never did this before.
-
Changing very old krbtgt Password
I've used the reccomended microsoft script here https://github.com/microsoft/New-KrbtgtKeys.ps1
- Resetting Kerberos ticket issues - RPC connectivity
-
ADDS resetting KRBTGT password concerns
krbtgt script
-
Servers affected by ransomware
Reset the krbtgt keys twice: https://github.com/microsoft/New-KrbtgtKeys.ps1/blob/master/New-KrbtgtKeys.ps1
- Resetting krbtgt password
- KRBTGT password reset gone wrong?
What are some alternatives?
BloodHound - Six Degrees of Domain Admin
CSS-Exchange - Exchange Server support tools and scripts
access-manager - Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly way.
Public-AD-Scripts - AD Scripts
GOAD - game of active directory
Kerberos.NET - A Kerberos implementation built entirely in managed code.
Adalanche - Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
11Bchecker
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
HardeningKitty - HardeningKitty - Checks and hardens your Windows configuration
FastReport - Free Open Source Reporting tool for .NET6/.NET Core/.NET Framework that helps your application generate document-like reports
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab