Windows Permission Identifier

This tool enables administrators and penetration testers to review and audit the permissions of users on a Windows machine.

  • System Requirements: Windows 2000 or higher
  • Version: 1.0
  • Released: 17th January 2006

Windows Permission Identifier can check;

  • File ACLs
  • Folder ACLs
  • Registry ACLs
  • Services Permissions
  • Shares
  • Installation rights
  • Internet Access and so on.

The GUI enables the administrator to create policies that can be saved in XML format. The Windows machines permissions are then checked against this policy. Administrators are able to run checks against existing organizational Windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed.

Table Of Contents

Add a header to begin generating the table of contents

Windows Permission Identifier Screen-shots :

windows_permission_ss1
Creating Policies
windows_permission_ss6
Viewing Registry Hives
windows_permission_ss5
Editing Registry Permission
windows_permission_ss4
Adding Registry Policy Checks
windows_permission_ss3
Results of System Scan
windows_permission_ss2
Running Policy Checks

Windows Permission Identifier FAQ :

Q. How do I use the Windows Permission Identifier?

You create a policy. Choose a user you wish to test. Click Start. Export data.

Q. What does it do?

It checks permissions. If you have a user and you want to know what that user can do on the machine. Run this tool. It will tell you what the user can do to the objects selected. Read, write, execute and so on.

Q. How do I check group permissions?

Create a user and give them group access to the group you want to check. Run the test against the user.

Q. Is this sample policy check suitable for my Windows machine?

NO. The sample policy is a sample only. It does not reflect that settings we recommend. Your policy should reflect the environment and functionality of your Windows machine. For example a desktop PC for a standard office user may allow the user to have execute permission to all the *.exe files within the “program files” directory. A Windows machine being used as an EPOS system my not allow any permissions at all within the “programs file” directory.

Download

Download

CATEGORIES
  • Asir says:

    Good stuff!
    Thanks Nathan

  • RHiltbrunn says:

    I’m going through your end-point class. Love it so far. Thanks for the tool!

  • bah ishmael says:

    great tool

  • manoli says:

    Good Post.

  • Tashi says:

    came here while going through end point protection course of yours. Interesting tool.

  • >