performing-active-directory-vulnerability-assessment

Featured

Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.

AI & Automation 16,326 stars 1981 forks Updated 2 weeks ago Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
90
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing Active Directory Vulnerability Assessment ## Overview Active Directory (AD) is the primary identity and access management system in most enterprise environments, making it a critical attack target. This skill covers comprehensive AD security assessment using PingCastle for health checks, BloodHound for attack path analysis, and Purple Knight for security posture scoring. These tools identify misconfigurations, excessive privileges, Kerberos weaknesses, and lateral movement opportunities. ## When to Use - When conducting security assessments that involve performing active directory vulnerability assessment - When following incident response procedures for related security events - When performing scheduled security testing or auditing activities - When validating security controls through hands-on testing ## Prerequisites - Domain-joined workstation or domain admin access for scanning - PingCastle (https://github.com/netwrix/pingcastle) - BloodHound Community Edition with SharpHound collector - Purple Knight from Semperis (free community tool) - Python 3.9+ for analysis scripts - .NET Framework 4.7+ for PingCastle on Windows ## Tool 1: PingCastle Health Check ### Installation and Execution ```powershell # Download PingCastle Invoke-WebRequest -Uri "https://github.com/netwrix/pingcastle/releases/latest/download/PingCastle.zip" ` -OutFile "PingCastle.zip" Expand-Archive PingCastle.zip -DestinationPath C:\Tools\PingCastle # Run health check against curren...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
2 weeks ago
Language
Python
License
Apache-2.0

Bundled in these plugins

cybersecurity-skills

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

performing-active-directory-penetration-test

Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.

16,326 Updated 2 weeks ago
mukul975
AI & Automation Featured

executing-active-directory-attack-simulation

Executes authorized attack simulations against Active Directory environments to identify misconfigurations, weak credentials, dangerous privilege paths, and exploitable trust relationships that could lead to domain compromise. The tester uses BloodHound for attack path analysis, Mimikatz for credential extraction, and Impacket for protocol-level attacks including Kerberoasting, AS-REP Roasting, and delegation abuse. Activates for requests involving Active Directory pentest, AD attack simulation, domain compromise testing, or Kerberos attack assessment.

16,326 Updated 2 weeks ago
mukul975
AI & Automation Featured

performing-active-directory-bloodhound-analysis

Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.

16,326 Updated 2 weeks ago
mukul975