Search Results for "ad audit"

...It implements the First Principles Framework (FPF) to guide users and AI tools through hypothesis generation, logical verification, evidence gathering, and documented decision making, reducing reliance on ad hoc or “vibe” coding. Instead of accepting the first plausible answer generated by an AI assistant, Quint Code encourages generating multiple competing hypotheses, verifying them, and validating them against real evidence stored in a structured “knowledge base” within your project. It supports a cycle of abduction, deduction, and induction backed by CLI commands (like /q1-hypothesize, /q2-verify, /q3-validate, etc.) that create a persisting audit trail in a .quint/ directory.

PrivescCheck is a local privilege escalation reconnaissance tool for Unix-like systems that automates common checks auditors and system owners run when looking for misconfigurations. It enumerates kernel versions, installed packages, SUID/SGID binaries, world-writable files and directories, services, cron jobs, and user/group permissions to highlight likely escalation paths. The output is organized and human-readable so operators can triage findings quickly—flagging high-risk items...

Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of...

...The system supports tagging, sketch notes, and story building so teams can annotate findings and share context without losing the raw data trail. Integrations with popular DFIR pipelines make ingestion repeatable, while role-based access and audit logs support enterprise workflows. By combining scale, collaboration, and reproducibility, Timesketch moves incident response beyond ad-hoc spreadsheets to a durable, team-oriented investigation record.

...It works alongside a data stack—typically built with dbt—and allows you to express metrics as YAML‐based definitions tied to semantic models and dimension tables, rather than embedding logic ad-hoc across many dashboards or scripts. When a user or tool requests a metric (e.g., “monthly revenue by region”), MetricFlow generates optimized, warehouse-specific SQL to compute that metric, handling joins, filters, time grains, offsets, and other complexities under the hood. Because metric definitions live centrally, you avoid duplication across teams and tools, reduce risk of inconsistent numbers, and make it easier to audit and evolve the logic over time. ...

BloodHound Legacy is the deprecated open‑source version of the BloodHound Active Directory attack path analysis tool. It uses graph theory to model and visualize privileged relationships in AD, Entra ID, and Azure environments. Security professionals use it to enumerate domain privilege escalation paths, misconfigurations, and attack surfaces in corporate networks

openNAC is an opensource Network Access Control for corporate LAN / WAN environments. It enables authentication, authorization and audit policy-based all access to network. It supports diferent network vendors like Cisco, Alcatel, 3Com or Extreme Networks, and different clients like PCs with Windows or Linux, Mac,devices like smartphones and tablets. Based on open source components and self-development It is based on industry standards such as FreeRadius, 802.1x, AD, ldap, ...It is very extensible, new features can be incorporated because it is architectured in plugins. ...

This software helps systems administrators in a Windows environment to keep track of Active Directory. It will ensure that membership in groups are not given to the wrong members.

Domain Auditor was written to simplify the task of tracking pooled accounts within an AD domain. The driver behind the tool is compliance with Sarbanes-Oxley (SOX) requirements. Domain Auditor simplifies generting reports to satisfy audit requirements.

Tout admin ayant géré des fermes RDS sous Windows connaît "Galinette cendrée" de Mehdy Bouchiba — LA référence pour monitorer, shadow, et gérer les sessions des utilisateurs. Mais l'app est desktop, vieillissante, et sans audit multi-admins. J'ai développé une version web moderne, open-source (MIT), déployée en Docker, avec la même philosophie : Login AD avec filtrage par groupe Les 4 modes Shadow (view/control, avec/sans consentement) Liste live multi-serveurs avec tri, recherche, filtres Journal d'audit intégré (qui a fait quoi, quand) Dashboard santé de la ferme Dynamique : ajout de serveurs depuis l'UI Aucun agent, aucune GPO, aucun compte de service Le tout en ~1000 lignes de Python + React, déployable via Portainer en 3 minutes. ...