0% found this document useful (0 votes)

22 views6 pages

ADSec Assessment

Uploaded by

diego.manero

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

22 views6 pages

ADSec Assessment

Uploaded by

diego.manero

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 6

#----------------------------------------------------------------------------------

--------------------------#
# Assessment de segurança no Active Directory
# Objetivo: Coletar informações e identificar pontos críticos na segurança do AD
# Autor: Daniel Donda
# Data: 30/01/2023
# Nota: Este script coleta informações sobre o AD e exibe na tela. Não execute em
produção sem autorização.
#----------------------------------------------------------------------------------
--------------------------#

# ------------------------------- #
# Variaveis e funções do scripts #
# ------------------------------- #

Import-Module ActiveDirectory
Clear-Host
#calcula 180 dias
$date = Get-Date
$180daysAgo = $date.AddDays(-180)
$folder = "C:\temp"
if (!(Test-Path -Path $folder)) {
New-Item -ItemType Directory -Path $folder
Write-Host "Pasta $folder criada com sucesso." -ForegroundColor Green
} else {
Write-Host "Pasta $folder já existe."
}

# Exibe o nome do script

Write-Host " _ ____ ____ _ _ "
Write-Host " / \ | _ \ / ___| ___ ___ _ _ _ __(_) |_ _ _ "
Write-Host " / _ \ | | | | \___ \ / _ \/ __| | | | '__| | __| | | | "
Write-Host " / ___ \| |_| | ___) | __/ (__| |_| | | | | |_| |_| | "
Write-Host "/_/ \_\____/ |____/ \___|\___|\__,_|_| |_|\__|\__, | "
Write-Host " |___/ "
Write-Host "AD SECURITY ASSESSMENT 1.1 | "$date -ForegroundColor Green
Write-Host "========================================================="

#------------------------------------------------#
# Variaveis de coleta de informações sobre o AD #
#------------------------------------------------#
$Domain = Get-ADDomain
$Forest = Get-ADForest
$DomainName = $Domain.DNSRoot
$ForestFunctionalLevel = $Forest.ForestMode
$UsersCount = (Get-ADUser -Filter * -SearchBase $Domain.DistinguishedName).Count
$ComputersCount = (Get-ADComputer -Filter * -SearchBase
$Domain.DistinguishedName).Count
$GroupsCount = (Get-ADGroup -Filter * -SearchBase $Domain.DistinguishedName).Count
$domainControllers = Get-ADDomainController -Filter *
$OUsCount = (Get-ADOrganizationalUnit -Filter * -SearchBase
$Domain.DistinguishedName).Count

#-----------------------------------------------------#
# variaveis de coleta de informações sobre as contas #
#-----------------------------------------------------#
$userspne = Get-ADUser -Filter {(PasswordNeverExpires -eq $true)} -Properties
DisplayName,SamAccountName,PasswordLastSet
$tuserspne = $userspne.Count

$usersadmin = Get-ADGroupMember -Identity "Domain Admins" -Recursive | Get-ADUser -

Properties DisplayName,SamAccountName
$tusersadmin = $usersadmin.count

$usersadmin1 = Get-ADGroupMember -Identity "Administrators" -Recursive | Get-ADUser

-Properties DisplayName,SamAccountName
$tusersadmin1 = $usersadmin1.count

$usersdisabled = Get-ADUser -Filter {(Enabled -eq $false)} -Properties

DisplayName,SamAccountName,PasswordLastSet
$tusersdisabled = $usersdisabled.Count

$users180dias = Get-ADUser -Filter {LastLogonTimeStamp -lt $180daysAgo} -Properties

DisplayName,SamAccountName,LastLogonTimeStamp
$tusers180dias = $users180dias.Count

$userssidhistory = Get-ADUser -LDAPFilter '(!sidhistory=*)' -Properties

DisplayName,SamAccountName,sidhistory
$tuserssidhistory = $userssidhistory.count

$AdminsdHolder= get-aduser -Filter {admincount -gt 0} -Properties adminCount -

ResultSetSize $null

$tAdminsdHolder= $AdminsdHolder.Count

$Guest = Get-ADUser -Filter {SamAccountName -eq "Guest"} -Properties Enabled

$inativos = Search-ADAccount –AccountInActive –UsersOnly –TimeSpan 180:00:00:00 –

ResultPageSize 2000 –ResultSetSize $null | ?{$_.Enabled –eq $True
$tinativos = $inativos.Count
#--------------------------------------------------------------------#
# Variaveis de coleta de informações sobre a politica de senha do AD #
#--------------------------------------------------------------------#
$passcomp = (Get-ADDefaultDomainPasswordPolicy).ComplexityEnabled
$passlengh = (Get-ADDefaultDomainPasswordPolicy).MinPasswordLength
$passhistory = (Get-ADDefaultDomainPasswordPolicy).PasswordHistoryCount
$passblock = (Get-ADDefaultDomainPasswordPolicy).LockoutThreshold
$passdesblock = (Get-ADDefaultDomainPasswordPolicy).LockoutDuration
$passage = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge.days
$passage2 = (Get-ADDefaultDomainPasswordPolicy).MinPasswordAge.days

#-----------------------------#
# ATAQUES AO ACTIVE DIRECTORY #
#-----------------------------#

# variaveis de coleta de informações sobre o ataque Golden Ticket.

$krbtgt = Get-ADUser -Filter {samAccountName -eq "krbtgt"} -Properties WhenChanged

# # variaveis de coleta de informações sobre o ataque DCSync.

$reversiblePwd = Get-ADDefaultDomainPasswordPolicy
$reversiblePwd2 = $reversiblePwd.ReversibleEncryptionEnabled

# Variaveis de coleta de informações sobre Kerberos Delegation / Print Spooler

service
$kerbdelegation = Get-ADObject -filter { (UserAccountControl -BAND 0x0080000) -OR
(UserAccountControl -BAND 0x1000000) -OR (msDS-AllowedToDelegateTo -like '*') } -
prop Name,ObjectClass,PrimaryGroupID,UserAccountControl,ServicePrincipalName,msDS-
AllowedToDelegateTo

foreach ($dc in $domainControllers) {

$spooler = Get-Service -Name "Spooler" -ComputerName $dc.HostName
if ($spooler.Status -eq "Running") {
$spoolerEnabled = $($dc.HostName)
} else {
$spoolerDisabled = $($dc.HostName)
}
}

# ----------------------------------------------- #
# Apresentação na tela das informações coletadas. #
# ----------------------------------------------- #

Write-Host "---------------------------------------------------------"
Write-Host "RESUMO DAS INFORMAÇÕES DO ACTIVE DIRECTORY" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "Nome do domínio.......................:" -ForegroundColor white -
NoNewLine; Write-Host " $domainName" -ForegroundColor Green
Write-Host "Nível funcional da floresta...........:" -ForegroundColor white -
NoNewLine; Write-Host " $ForestFunctionalLevel" -ForegroundColor Green
Write-Host "Quantidade de usuários................:" -ForegroundColor white -
NoNewLine; Write-Host " $usersCount" -ForegroundColor Green
Write-Host "Quantidade de computadores............:" -ForegroundColor white -
NoNewLine; Write-Host " $computersCount" -ForegroundColor Green
Write-Host "Quantidade de domain controllers......:" -ForegroundColor white -
NoNewLine; Write-Host " $($domainControllers.name.ToString().count) " -
ForegroundColor Green
Write-Host "Quantidade de grupos..................:" -ForegroundColor white -
NoNewLine; Write-Host " $GroupsCount" -ForegroundColor Green
Write-Host "Quantidade de OUs.....................:" -ForegroundColor white -
NoNewLine; Write-Host " $OUsCount" -ForegroundColor Green
Write-Host "---------------------------------------------------------"
Write-Host "INFORMAÇÕES DE OBJETOS (CSV)" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "Usuários com senha que nunca expira...:" -ForegroundColor white -
NoNewLine; Write-Host ""$tuserspne"" -ForegroundColor Red
Write-Host "Usuários desabilitados................:" -ForegroundColor white -
NoNewLine; Write-Host ""$tusersdisabled"" -ForegroundColor Red
Write-Host "Usuários sem logon (180 dias..........:" -ForegroundColor white -
NoNewLine; Write-Host ""$tusers180dias"" -ForegroundColor Red
Write-Host "Usuários no grupo Domain Admins.......:" -ForegroundColor white -
NoNewLine; Write-Host ""$tusersadmin"" -ForegroundColor Red
Write-Host "Usuários no grupo Administrators......:" -ForegroundColor white -
NoNewLine; Write-Host ""$tusersadmin1"" -ForegroundColor Red
Write-Host "Usuários inativos (180 dias)..........:" -ForegroundColor white -
NoNewLine; Write-Host ""$tinativos"" -ForegroundColor Red
Write-Host "Usuários com SIDHistory...............:" -ForegroundColor white -
NoNewLine; Write-Host ""$tuserssidhistory"" -ForegroundColor Red
Write-Host "AdminSDHolder.........................:" -ForegroundColor white -
NoNewLine; Write-Host ""$tAdminsdHolder"" -ForegroundColor Red
Write-Host "Conta Guest Habilitada................:" -ForegroundColor white -
NoNewLine; Write-Host " $($Guest.name.ToString().count)" -ForegroundColor Red
Write-Host "---------------------------------------------------------"
Write-Host "POLITICA DE SENHA DO DOMINIO" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "Politica de senha - Complexidade......: "-ForegroundColor white -
NoNewLine; Write-Host "$passcomp" -ForegroundColor Green
Write-Host "Politica de senha - Tamanho da senha..: "-ForegroundColor white -
NoNewLine; Write-Host "$passlengh" -ForegroundColor Green
Write-Host "Politica de senha - Historico.........: "-ForegroundColor white -
NoNewLine; Write-Host "$passhistory" -ForegroundColor Green
Write-Host "Politica de senha - Tentativas erradas: "-ForegroundColor white -
NoNewLine; Write-Host "$passblock" -ForegroundColor Green
Write-Host "Politica de senha - Tempo de bloqueio.: "-ForegroundColor white -
NoNewLine; Write-Host "$passdesblock" -ForegroundColor Green
Write-Host "Politica de senha - Idade maxima......: "-ForegroundColor white -
NoNewLine; Write-Host "$passage" -ForegroundColor Green
Write-Host "Politica de senha - Idade Minima......: "-ForegroundColor white -
NoNewLine; Write-Host "$passage2" -ForegroundColor Green
Write-Host "---------------------------------------------------------"
Write-Host "GOLDEN TICKET ATTACK" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "A conta krbtgt foi modificada em:..:" -ForegroundColor white -
NoNewLine; Write-Host " $($krbtgt.WhenChanged.ToString())" -ForegroundColor Green
Write-Host "---------------------------------------------------------"
Write-Host "DCSYNC ATTACK" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "Criptografia reversivel habiltada.....:" -ForegroundColor white -
NoNewLine; Write-Host "$reversiblePwd2" -ForegroundColor Green
Write-Host "---------------------------------------------------------"
Write-Host "PRINT SPOOLER ATTACK" -ForegroundColor Yellow
Write-Host "---------------------------------------------------------"
Write-Host "Kerberos Delegation...................:" -ForegroundColor white -
NoNewLine; Write-Host " $($kerbdelegation.name.ToString().count)" -ForegroundColor
Red
Write-Host "DCs com Print Spooler Habilitado......:" -ForegroundColor White -
NoNewline; Write-Host ""$spoolerEnabled.count"" -ForegroundColor Red
Write-Host "---------------------------------------------------------"

New-Item $folder/ADSecAssessment-Overview.txt -type file -Force >null

$bloco = @("
---------------------------------------------------------
RESUMO DAS INFORMAÇÕES DO ACTIVE DIRECTORY
---------------------------------------------------------
Nome do domínio.......................: $domainName
Nível funcional da floresta...........: $ForestFunctionalLevel
Quantidade de usuários................: $usersCount
Quantidade de computadores............: $computersCount
Quantidade de domain controllers......: $domainControllers
Quantidade de grupos..................: $GroupsCount
Quantidade de OUs.....................: $OUsCount
---------------------------------------------------------
INFORMAÇÕES DE OBJETOS (CSV)
---------------------------------------------------------
Usuários com senha que nunca expira...: $tuserspne
Usuários desabilitados................: $tusersdisabled
Usuários sem logon (180 dias..........: $tusers180dias
Usuários no grupo Domain Admins.......: $tusersadmin
Usuários no grupo Administrators......: $tusersadmin1
Usuários inativos (180 dias)..........: $tinativos
Usuários com SIDHistory...............: $tuserssidhistory
AdminSDHolder.........................: $tAdminsdHolder
Conta Guest Habilitada................: $Guest
---------------------------------------------------------
POLITICA DE SENHA DO DOMINIO
---------------------------------------------------------
Politica de senha - Complexidade......: $passcomp
Politica de senha - Tamanho da senha..: $passlengh
Politica de senha - Historico.........: $passhistory
Politica de senha - Tentativas erradas: $passblock
Politica de senha - Tempo de bloqueio.: $passdesblock
Politica de senha - Idade maxima......: $passage
Politica de senha - Idade Minima......: $passage2
---------------------------------------------------------
GOLDEN TICKET ATTACK
---------------------------------------------------------
A conta krbtgt foi modificada em:..: $($krbtgt.WhenChanged.ToString())
---------------------------------------------------------
DCSYNC ATTACK
---------------------------------------------------------
Criptografia reversivel habiltada.....: $reversiblePwd2
---------------------------------------------------------
PRINT SPOOLER ATTACK
---------------------------------------------------------
Kerberos Delegation...................: $($kerbdelegation.name.ToString().count)
DCs com Print Spooler Habilitado......: $spoolerEnabled.count
---------------------------------------------------------

$bloco | Add-Content $folder/ADSecAssessment-Overview.txt

# ----------------------------------------- #
# Exportação de informações no formato CSV. #
# ----------------------------------------- #
$userspne | Export-Csv -Path "C:\temp\users-password-never-expire.csv" -
NoTypeInformation -Encoding UTF8
$usersadmin | Export-Csv -Path "C:\temp\users-domain-admins.csv" -NoTypeInformation
-Encoding UTF8
$usersadmin1 | Export-Csv -Path "C:\temp\users-domain-administrators.csv" -
NoTypeInformation -Encoding UTF8
$usersdisabled | Export-Csv -Path "C:\temp\users-disabled.csv" -NoTypeInformation -
Encoding UTF8
$users180dias | Export-Csv -Path "C:\temp\users-not-logged-on-180-days.csv" -
NoTypeInformation -Encoding UTF8
$userssidhistory | Export-Csv -Path "C:\temp\users-sidhistory.csv" -
NoTypeInformation -Encoding UTF8
$AdminsdHolder | Export-Csv -Path "C:\temp\AdminsdHolder.csv" -NoTypeInformation -
Encoding UTF8
$kerbdelegation | Export-Csv -Path "C:\temp\Kerbdelegation.csv" -NoTypeInformation
-Encoding UTF8
$spoolerEnabled | Export-Csv -Path "C:\temp\PrintSpoolerEnabled.csv" -
NoTypeInformation -Encoding UTF8
$inativos | Export-Csv -Path "C:\temp\usuarios-inativos.csv" -NoTypeInformation -
Encoding UTF8

# Validação de arquivos CSV.

$csvFiles = Get-ChildItem -Path $folder -Filter "*.csv" -Recurse

if ($csvFiles) {
Write-Host $csvFiles.count "Arquivos .csv criados com sucesso" -
ForegroundColor Green
foreach ($file in $csvFiles) {
# Write-Host $file.count
}
} else {
Write-Host "Não foi possivel gravar os arquivos .csv na pasta $folder" -
ForegroundColor Red
}

# Geração de hash

$arquivos = Get-ChildItem $folder

foreach ($arquivo in $arquivos) {

$hash = (Get-FileHash $arquivo.FullName).Hash
Write-host "$($arquivo.Name) - $hash" *>> $folder/ADSecAssessment-Hash.txt
}
Write-Host "Hashes criado com sucesso" -ForegroundColor Green

Premier General Catalogue PDF
No ratings yet
Premier General Catalogue PDF
48 pages
SOLUTION, SUSPENSION and COLLOID Activity Sheet
67% (3)
SOLUTION, SUSPENSION and COLLOID Activity Sheet
1 page
Powershell Tips Tricks
No ratings yet
Powershell Tips Tricks
19 pages
CRTP
No ratings yet
CRTP
30 pages
Natural Dyeing of Cotton Fabric
100% (2)
Natural Dyeing of Cotton Fabric
35 pages
Quality Improvement Training Guide 2022
No ratings yet
Quality Improvement Training Guide 2022
99 pages
Blue Team Notes
No ratings yet
Blue Team Notes
295 pages
Gr11 P2 ECO June 2024 Question Paper - 125612
100% (1)
Gr11 P2 ECO June 2024 Question Paper - 125612
13 pages
Active Directory Penetration Testing Checklist
No ratings yet
Active Directory Penetration Testing Checklist
7 pages
Active Directory Exploitation Cheat Sheet: Share
100% (1)
Active Directory Exploitation Cheat Sheet: Share
14 pages
Iso 3960 2007 en FR PDF
No ratings yet
Iso 3960 2007 en FR PDF
6 pages
ADRecon
No ratings yet
ADRecon
189 pages
Active Directory Exploitation Cheat Sheet by S1Ckb0Y1337
100% (1)
Active Directory Exploitation Cheat Sheet by S1Ckb0Y1337
28 pages
Ad PEAS
No ratings yet
Ad PEAS
389 pages
Active Directory Useful Powershell Commands and Scripts 1739748834
No ratings yet
Active Directory Useful Powershell Commands and Scripts 1739748834
49 pages
Pressure Equipment - European Commission PDF
No ratings yet
Pressure Equipment - European Commission PDF
22 pages
LAB Module 4
No ratings yet
LAB Module 4
13 pages
ADACLScan
No ratings yet
ADACLScan
253 pages
LDB MP2020 FRMWRK
No ratings yet
LDB MP2020 FRMWRK
77 pages
RAC QB Final-2023
No ratings yet
RAC QB Final-2023
9 pages
Igcse
No ratings yet
Igcse
9 pages
35.232-2016.30 Balsam Tawfiq Swaidan
No ratings yet
35.232-2016.30 Balsam Tawfiq Swaidan
70 pages
Offensive Enumeration in Ad
No ratings yet
Offensive Enumeration in Ad
13 pages
6 +Enumeration+In+Active+Directory
No ratings yet
6 +Enumeration+In+Active+Directory
16 pages
YLSTD30-40K01小功率直流充电桩用户手册User Manua V1 - (EN&CN) ) 已校对
No ratings yet
YLSTD30-40K01小功率直流充电桩用户手册User Manua V1 - (EN&CN) ) 已校对
17 pages
Most Used Powershell Command
No ratings yet
Most Used Powershell Command
13 pages
Power Shell
No ratings yet
Power Shell
90 pages
Michel Peletz - Kinship Studies in Late Twentieth-Century Anthropology
No ratings yet
Michel Peletz - Kinship Studies in Late Twentieth-Century Anthropology
31 pages
Project Milk Curdling
No ratings yet
Project Milk Curdling
15 pages
Enumerating Active Directory
No ratings yet
Enumerating Active Directory
23 pages
AD Privileged Audit - ps1
No ratings yet
AD Privileged Audit - ps1
24 pages
ISO 9001 Clauses Simply Explained Rev.1
No ratings yet
ISO 9001 Clauses Simply Explained Rev.1
26 pages
IBM DSAA-3xxx Series Hard Drives OEM Functional Specifications
No ratings yet
IBM DSAA-3xxx Series Hard Drives OEM Functional Specifications
50 pages
Soil Classification Using Horizontal To Vertical Spectrum Ratio Methods On Scilab in Sendangmulyo, Semarang
No ratings yet
Soil Classification Using Horizontal To Vertical Spectrum Ratio Methods On Scilab in Sendangmulyo, Semarang
8 pages
Huge List of Powershell Commands For Active Directory, Office 365 and More
No ratings yet
Huge List of Powershell Commands For Active Directory, Office 365 and More
34 pages
School Plan of Activities Sembreak
No ratings yet
School Plan of Activities Sembreak
2 pages
SystemInfo v2
No ratings yet
SystemInfo v2
12 pages
SANS PowerShell Enterprise Cloud Compliance Cheatsheet v1.0.2
No ratings yet
SANS PowerShell Enterprise Cloud Compliance Cheatsheet v1.0.2
2 pages
Get - Active - Directory - Information - With - PowerShell - Script - 1737381381 L
No ratings yet
Get - Active - Directory - Information - With - PowerShell - Script - 1737381381 L
3 pages
Invoke TrimarcADChecks
No ratings yet
Invoke TrimarcADChecks
10 pages
Offensive Enumeration in
No ratings yet
Offensive Enumeration in
13 pages
Srs Report
No ratings yet
Srs Report
24 pages
System Info 6
No ratings yet
System Info 6
5 pages
Message
No ratings yet
Message
8 pages
Get Ad Computers
No ratings yet
Get Ad Computers
3 pages
DCAudit Upgrade
No ratings yet
DCAudit Upgrade
5 pages
PowerShell Tutorial 9-16
No ratings yet
PowerShell Tutorial 9-16
8 pages
Invoke ACLScanner
No ratings yet
Invoke ACLScanner
2 pages
Console Output
No ratings yet
Console Output
2 pages
Skrypt
No ratings yet
Skrypt
5 pages
PowerView PDF
No ratings yet
PowerView PDF
2 pages
Get GPODelegation
No ratings yet
Get GPODelegation
1 page
Active Directory Health
No ratings yet
Active Directory Health
9 pages
XA65 SummaryReportV2
No ratings yet
XA65 SummaryReportV2
18 pages
Active Directory Information Search
No ratings yet
Active Directory Information Search
1 page
CFor Speed Setup
No ratings yet
CFor Speed Setup
13 pages
Power Shell Scripts
No ratings yet
Power Shell Scripts
10 pages
User Handling in Ad
No ratings yet
User Handling in Ad
1 page
Main - Powershell Active Directory Cheat Sheet
No ratings yet
Main - Powershell Active Directory Cheat Sheet
2 pages
Export AD Users To CSV.v1.0
No ratings yet
Export AD Users To CSV.v1.0
2 pages
Duckycode
No ratings yet
Duckycode
4 pages
Introduction To Active Directory Module Cheat Sheet
No ratings yet
Introduction To Active Directory Module Cheat Sheet
3 pages
1 Datasheet Solis-3P10K-4G
No ratings yet
1 Datasheet Solis-3P10K-4G
2 pages
KP Technical Seminal Final Report FINAL
No ratings yet
KP Technical Seminal Final Report FINAL
30 pages
Main - Powershell Active Directory Cheat Sheet
No ratings yet
Main - Powershell Active Directory Cheat Sheet
2 pages
Powershell Import Update Users Groups From CSV File
No ratings yet
Powershell Import Update Users Groups From CSV File
2 pages
Notes
No ratings yet
Notes
8 pages
Adreport ps1 v2
No ratings yet
Adreport ps1 v2
29 pages
List Cmdlets
No ratings yet
List Cmdlets
11 pages
PENTEST Sur AD
No ratings yet
PENTEST Sur AD
2 pages
Active Directory Command Line One
No ratings yet
Active Directory Command Line One
9 pages
User Attributes AD Command
No ratings yet
User Attributes AD Command
3 pages
PS Delete TEMP Logon User
No ratings yet
PS Delete TEMP Logon User
2 pages
One-Way ANOVA: (Independent Group and Repeated Measures)
No ratings yet
One-Way ANOVA: (Independent Group and Repeated Measures)
36 pages
Water Ingress Analysis and Splash Protection Evaluation For Vehicle Wading Using Non-Classical CFD Simulation
No ratings yet
Water Ingress Analysis and Splash Protection Evaluation For Vehicle Wading Using Non-Classical CFD Simulation
13 pages
Power View
No ratings yet
Power View
2 pages
Impact of HL On QOL
No ratings yet
Impact of HL On QOL
8 pages
BROCHURE
No ratings yet
BROCHURE
4 pages
Reflective Essay 1
No ratings yet
Reflective Essay 1
2 pages
Assessment Task 2: Activity No. 1
No ratings yet
Assessment Task 2: Activity No. 1
5 pages
Windows Cmds
No ratings yet
Windows Cmds
4 pages
TOMEI Camshaft Spec Card TOMEI Camshaft Spec Card TOMEI Camshaft Spec Card
No ratings yet
TOMEI Camshaft Spec Card TOMEI Camshaft Spec Card TOMEI Camshaft Spec Card
1 page
All Adds Powershell Command
No ratings yet
All Adds Powershell Command
6 pages
ADPowerShell QuickReference
No ratings yet
ADPowerShell QuickReference
2 pages
Power Shell Scripts 1
No ratings yet
Power Shell Scripts 1
8 pages
Catalist-Listed ES Group Announces Revised Chartering Agreement and New Vessel Sale To Sea Hub Tankers For S$29.4 Million
No ratings yet
Catalist-Listed ES Group Announces Revised Chartering Agreement and New Vessel Sale To Sea Hub Tankers For S$29.4 Million
3 pages
Azure For Starters
From Everand
Azure For Starters
Chinmoy Mukherjee
No ratings yet
Oklahoma Night Before Christmas
From Everand
Oklahoma Night Before Christmas
Carolyn Macy
No ratings yet
Basic DBA Query v.1: Oracle Database
From Everand
Basic DBA Query v.1: Oracle Database
Oraclesql-plsql
5/5 (1)
How to a Developers Guide to 4k: Developer edition, #3
From Everand
How to a Developers Guide to 4k: Developer edition, #3
Xinc Cyberwizard
No ratings yet

ADSec Assessment

Uploaded by

ADSec Assessment

Uploaded by

#----------------------------------------------------------------------------------

# Exibe o nome do script

$usersadmin = Get-ADGroupMember -Identity "Domain Admins" -Recursive | Get-ADUser -

$usersadmin1 = Get-ADGroupMember -Identity "Administrators" -Recursive | Get-ADUser

$usersdisabled = Get-ADUser -Filter {(Enabled -eq $false)} -Properties

$users180dias = Get-ADUser -Filter {LastLogonTimeStamp -lt $180daysAgo} -Properties

$userssidhistory = Get-ADUser -LDAPFilter '(!sidhistory=*)' -Properties

$AdminsdHolder= get-aduser -Filter {admincount -gt 0} -Properties adminCount -

$Guest = Get-ADUser -Filter {SamAccountName -eq "Guest"} -Properties Enabled

$inativos = Search-ADAccount –AccountInActive –UsersOnly –TimeSpan 180:00:00:00 –

# variaveis de coleta de informações sobre o ataque Golden Ticket.

# # variaveis de coleta de informações sobre o ataque DCSync.

# Variaveis de coleta de informações sobre Kerberos Delegation / Print Spooler

foreach ($dc in $domainControllers) {

New-Item $folder/ADSecAssessment-Overview.txt -type file -Force >null

$bloco | Add-Content $folder/ADSecAssessment-Overview.txt

# Validação de arquivos CSV.

$csvFiles = Get-ChildItem -Path $folder -Filter "*.csv" -Recurse

$arquivos = Get-ChildItem $folder

foreach ($arquivo in $arquivos) {

You might also like