Company | Vision | Leadership | Products | Services | Support | News | Careers | Contact


2007
2008

2009
Learn more about this Serious Active Directory Security Risk
Home
Overview
Capabilities
Uniqueness
Audience
Features
Benefits
Solutions
Editions
FAQ +
Demos
Trials
Sales


What's new in ver 5.0?

See Deployment
See Deployment
Download Free Trial
Download Trial

Gold Finger was designed to empower IT personnel to adequately secure and defend their Active Directory.

IT Windows
Admins		 IT Security
Analysts		 IT Risk
Assessors		 IT Security
Pen Testers		 IT Security
Managers		 IT Compliance
Auditors


IT Penetration Testers

Gold Finger helps IT Penetration Testers instantly obtain access to highly valuable security and access information which could be substantially helpful in performing penetration tests.


With Gold Finger IT Penetration Testers can instantly –

  1. Determine true effective permissions on any Active Directory object to find out who really has what access on the object
  2. Determine exactly who can enact which identity and access management tasks in an Active Directory, where and how
  3. Discover thousands of unauthorized delegated access grants in the Active Directory which could be easily exploited to escalate privilege
  4. Assess and verify administrative privileges on all user accounts and security groups, including on all executive and IT admin accounts
  5. Analyze Active Directory security permissions to find out who has what permissions, where and how, across the Active Directory
  6. Generate completely customizable professional-grade security-audit, group membership and delegated access PDF reports
  7. Export the ACLs of all Active Directory objects in an OU / domain for offline analysis, audit reporting, documentation and archival
  8. Identify all active and inactive, recently created and deleted, stale, locked, disabled and unmanaged user accounts in Active Directory
  9. View and document all failed password attempts in the last 24-hours
  10. Locate and document all domain-joined computers that are currently in use or are unused, unmanaged, stale or trusted for delegation
  11. View and document the status, state and group membership of any Active Directory based security group, including nested groups
  12. Uncover all Active Directory objects on which a specific user or a security group might have sensitive security permissions granted
  13. Enumerate the direct as well as the complete expanded membership of any Active Directory security group
  14. Query the Active Directory using completely custom filters

Most importantly, Gold Finger helps IT Penetration Testers instantly and precisely uncover all security-privilege escalation paths in the Active Directory.

This information is invaluable for penetration testing because a single unauthorized grant in Active Directory could be the starting point of a sophisticated sequential privilege escalation based attack that could be used to obtain complete administrative privilege in Active Directory and subsequently penetrate the security of the entire IT infrastructure within minutes.

Everyone already has read access to Active Directory, so, with the right tools, any insider could find unauthorized grants in Active Directory. One unauthorized access grant in Active Directory is usually all that a malicious perpetrator needs to launch a sophisticated privilege-escalation based attack.  Just, One.

Only Gold Finger can instantly and accurately assess resultant-access in Active Directory and find real unauthorized access grants in Active Directory.

For IT Risk Assessors For IT Risk Assessors
For IT Security Managers For IT Security Managers

Contact Us
Who We Are What We Do How We Protect You
Home

Terms of Use Copyright Paramount Defenses Inc  2006 – 2012. All Rights Reserved Privacy Policy