ACLight – a script for advanced discovery of sensitive Privileged Accounts.

Overview

ACLight is a Script for advanced discovery of sensitive Privileged Accounts.

 

How to get this tool

To use this tool, please use a method listed below.

In a Linux (Debian OS), run the following command(s).

git clone https://github.com/cyberark/ACLight.git
cd ACLight/

 

Download directly from the following link:

 

How to execute

Launch the Execute-ACLight.bat file


By default, ACLight automatically scans all the domains of the scanned network forest.

 

Reading the results files:

  1. First, check the scan’s executive summary "Privileged Accounts - Layers Analysis.txt" - It's an important and straight-forward list of the most privileged accounts that were discovered in the scanned network.
  2. "Privileged Accounts Permissions - Final Report.csv" - This is the final summary report, in this file you will find what are the exact sensitive permissions each account has.
  3. "Privileged Accounts Permissions - Irregular Accounts.csv", similar to the final report with only the privileged accounts that have direct assignment of ACL permissions (not through their group membership).

 

References:

 

-----

Next steps:

 

This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.