full screen background image

WINspect: Powershell-based Windows Security Auditing Toolbox

WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine to identify security weaknesses and point to components that need further hardening. The main targets for the current version are domain-joined windows machines. However, some of the functions still apply for standalone workstations.

Features

This current version of the script supports the following features :

  • Checking for installed security products.
  • Enumerating world-exposed local filesystem shares.
  • Enumerating domain users and groups with local group membership.
  • Enumerating registry autoruns.
  • Enumerating local services that are configurable by Authenticated Users group members.
  • Enumerating local services for which corresponding binary is writable by Authenticated Users group members.
  • Enumerating non-system32 Windows Hosted Services and their associated DLLs.
  • Enumerating local services with unquoted path vulnerability.
  • Enumerating non-system scheduled tasks.
  • Checking for DLL hijackability.
  • Checking for User Account Control settings.
  • Checking for unattended installs leftovers.

Download

git clone https://github.com/A-mIn3/WINspect.git

Source: https://github.com/A-mIn3/WINspect

 

 

Πηγή : securityonline



Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Part-Time Hacker || Child Pornography & Sexual Abuse Combat


Leave a Reply