Domain Controllers are a core part of your enterprise infrastructure and are thus a target of choice for threat actors. Ensuring that your DCs do not contain vulnerabilities that expose them to compromise is a key part of your resilience to cyberattacks.
Silverfort’s Vulnerability Assessment Tool scans your domain, detects all domain controllers and assesses whether your domain is exposed to critical identity-based vulnerabilities:
- Zerologon (CVE-2020-1472)
- Kerberos Bronze Bit (CVE-2020-17049)
- Printer Spooler Vulnerabilities (CVE-2021-1675 and CVE-2021-34527 aka PrintNightmare and CVE-2021-34481)
- LDAP Relay
Disclaimers and Tool Security
Silverfort’s Vulnerability Assessment Tool uses public methods to scan and identify vulnerabilities remotely. It uses LDAP protocol to detect all domain controllers. Due to its sensitivity, we require the use of LDAPS (Secured) by default. The tool requires Domain Admin privileges to access the domain controllers using WMI to collect information needed to estimate the exposure status. The information collected by the tool is stored locally and is not sent out.
How to use the tool
- Download Silverfort Vulnerability Assessment Tool.
- Run SFDetector.exe from any Windows computer with network access to domain controllers.
- Insert Domain Admin credentials and Domain Fully Qualified Domain Name (FQDN).
- Choose desired vulnerability (all checked by default).
- Press Run and wait for the assessment to finish; a CSV output file will be created in the folder you ran the script from with results of the assessment.
If you would like to see this tool assess additional vulnerabilities or provide feedback, please reach out to [email protected]