Security Analysis of an Active Directory with the BTA tool presented at SSTIC 2014

by Philippe Biondi, Joffrey Czarny,

Summary : Most companies, large or small, using Microsoft technologies to work. The Active Directory is at the heart of these information systems.
When it comes to the security of the information system, Active Directory domain controllers are, or should be, a central concern in normal times to ensure compliance with best practices and, in a compromise proved to explore the possibility of cleaning the information system without having to rebuild Active Directory. Out, few tools can implement this process.
We present BTA, an audit Active Directory database and our methodology for verifying the application of good practices and the absence of malicious changes in these databases tool.