A tool for automated Active Directory configuration assessment to identify vulnerabilities and misconfigurations. Operates in read‑only mode, connecting to a domain controller over LDAP(S).

Features:
📍 35 automated checks covering password policies, delegation, trusts, Kerberos, and ADCS.
📍 Analysis of privileged accounts and stale objects.
📍 Validation of LDAP‑signing, NTLMv1, WDigest, and domain functional level settings.
📍 Report generation in console, JSON, and HTML formats.
📍 A sample PowerShell script for deploying a vulnerable domain.

Unlike PingCastle and Purple Knight, ADPulse is fully open‑source, provides transparent checks, and integrates easily into CI/CD pipelines, though it currently lags behind them in visualization and reporting depth.

📎 Tool: https://github.com/dievus/ADPulse

💬 Discuss

ADPulse — Active Directory security audit via LDAP(S)