Attack Graph Visualizer and Explorer
Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people are just added to Domain Admins.
In large organizations you have a huge number of people with different needs, and they are delegated access to varying degrees of power in the AD. At some point in time, someone makes a mistake, and that can cost you dearly.
Adalanche visualizes delegation issues, kerberoastable accounts, AD CS issues and much, much more.
Analysis offers in-depth analysis of ownership, ACLs and other node relationships. The visualization allows you to explore nodes and edges via web based graph UI, in order to find misconfigurations that attackers would use against you if they were to attack your infrastructure.
Adalanche Query Language (AQL) offers comprehensive search abilities in the graph. AQL is a GQL-like language that allows for complex queries.
Adalanche can collect data from:
- Active Directory
- Windows machines
- VMware vSphere*
Adalanche integrates data from:
- Active Directory
- Windows machines (domain joined, or standalone)
- VMware vSphere(*)
- CyberArk(*)
- Password hashes / cracked passwords(*)
- Tiering models(*)
- Custom nodes and edges(*)
Reporting feature is in development(*)
(*) = paid version, see NetSection website
For more details, you can view the documentation here on Github, or from within the Adalanche UI.