Identify the accounts most vulnerable to dictionary attacks.
PassTester is a tool for finding user passwords that are most vulnerable to dictionary attacks. The aim is to prompt the users concerned to choose a more secure password.
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Secure infrastructure in minutes. Hardening Active Directory and Office 365.
A little tool to play with Windows security.
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory or Azure environment.
Snaffler is a tool for pentesters and red teamers to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment).
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer.
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is currently in its first drafts and will undergo further refinements and additions in future updates for sure.
#1 Active Directory security assessment community tool
Active Directory, Azure AD (now called Entra ID), and Okta vulnerabilities can give attackers virtually unrestricted access to your organization’s network and resources. Semperis built Purple Knight—a free AD, Azure AD, and Okta security assessment tool—to help you discover indicators of exposure (IoEs) and indicators of compromise (IoCs) in your hybrid AD environment. Download Purple Knight and dramatically reduce your AD attack surface today.
Get Active Directory Security at 80% in 20% of the time.
PingCastle is an Active Directory vunerability and misconfiguration scanner.
Web interface to change and reset password in an LDAP directory.
Self Service Password is a PHP application that allows users to change their password in an LDAP directory.
The application can be used on standard LDAPv3 directories (OpenLDAP, OpenDS, ApacheDS, Sun Oracle DSEE, Novell, etc.) and also on Active Directory.
FusionDirectory is only a web interface in front of Directory using LDAP v3 protocol.
Thanks to this, the user only see the informations stored inside the directory not the container, attributes names or other technical informations which could complexify informations and configuration management
Resara Server Community Edition is an open source Linux domain controller and file server solution based on Samba4. It is incredibly easy-to-use and requires no Linux expertise to setup or maintain. Please download and try for yourself! Get involved!
Centrify Express is a comprehensive suite of free Active Directory-based integration solutions for authentication, single sign-on, remote access, file-sharing, monitoring The #1 Choice for Active Directory Integration and cloud security for cross-platform systems. It is the quickest and most proven solution for integrating UNIX, Linux and Mac systems with Windows, and delivers more functionality and more to upgrade to when compared to other free offerings.