Active Directory Control Paths Logo

Active Directory Control Paths

0
Free
Visit Website

Control paths in Active Directory are an aggregation of 'control relations' between entities of the domain (users, computers, groups, GPO, containers, etc.) which can be visualized as graphs and whose purpose is to answer questions like 'Who can get Domain Admins privileges?' or 'What resources can a user control?' and even 'Who can read the CEO's emails?'. Changes: - New workflow for all steps, automating neo4j setup and import. - Basic Cypher querying through Neo4j REST API, increasing performance. - New control paths added: Kerberos delegation, SCCM dumping utilities for local admins and sessions control paths. - Adding EXCHANGE permissions in v1.3 'Who Can Read the CEO's Emails Edition'. - Permissions extracted from AD Users, Mailbox/DB descriptors, RBAC, and MAPI folders. - Better resume features, nodes clustering (through OVALI) in v1.2.3. - New control paths added in v1.2.2: RoDC and LAPS. - Major code changes take place in v1.2, as it is now able to dump and analyze very large Active Directories without hogging too much RAM. Some very large ADs with over 1M objects and 150M ACEs have been processed.

FEATURES

ALTERNATIVES

Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.

Free

A library utilizing Z3 prover to analyze AWS IAM policies.

Free

Certbot is a free tool for automatically enabling HTTPS on websites using Let's Encrypt certificates.

Free

This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.

Free

AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.

Commercial

Monokee is an identity orchestration and access management platform that provides visual, low-code tools for designing authentication workflows, managing digital identities, and implementing secure access controls across multiple domains.

Commercial

AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.

Free

Safely store secrets in version control repositories with GPG encryption support.

Free

PINNED