Sense of Security Launches Free Active Directory Recon Tool

ADRecon will help businesses meet compliance standards & identify security threats

We have officially launched our new Active Directory Recon Tool, ADRecon. The tool extracts information from the Active Directory (AD) and generates a cohesive report in Microsoft Excel, providing businesses with valuable information regarding the effectiveness of their AD configuration.

Weak passwords, unauthorised user access, outdated/dormant user accounts and weak policies are all common catalysts for security breaches. ADRecon will help organisations identify these shortcomings and address any compliance issues present in the directory.

ADRecon makes it convenient for security professionals to access information pertaining to their AD environment, by providing a generated raw report, as well as visual aids such as graphs which summarise valuable information to assists CIOs in making security decisions.

Prashant Mahajan, tool author and Consultant at Sense of Security says ADRecon will add invaluable convenience to security professionals, including IT administrators and CIOs. 

“We wanted to make ADRecon as easy as possible to use, which is why there are no complex steps involved – even somebody with a non-IT background such as the CEO can run the script,” Mahajan said.

“Being able to access a holistic view of your AD environment will help businesses save time, money, and assist them in identifying potential security threats before a hack occurs. This will prove to be particularly useful since the introduction of the Notifiable Data Breaches Scheme, which puts threat identification and security at the forefront of the law.”

ADRecon gathers the information using read-only queries and the report generated can assist with identifying issues regarding user accounts, privileges and host management. This can be used to discover deficiencies, enabling remediation and serving as evidence to demonstrate compliance requirements are met. 

Compliance issues such as generic accounts and lockout policies, dormant users, and users whose passwords are stored with reversible encryption can all be identified by the ADRecon reports. This information can then be used to tidy up an Active Directory, by removing users, computers and DNS records no longer required.


For more information on the tool and to download, please click here.