Windows Permission Identifier

February 4, 2023 / By

This tool enables administrators and penetration testers to review and audit the permissions of users on a Windows machine.

  • System Requirements: Windows 2000 or higher
  • Version: 1.0
  • Released: 17th January 2006

Windows Permission Identifier can check;

  • File ACLs
  • Folder ACLs
  • Registry ACLs
  • Services Permissions
  • Shares
  • Installation rights
  • Internet Access and so on.

The GUI enables the administrator to create policies that can be saved in XML format. The Windows machines permissions are then checked against this policy. Administrators are able to run checks against existing organizational Windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed.

Table Of Contents

Add a header to begin generating the table of contents

Windows Permission Identifier Screen-shots :

windows_permission_ss1
Creating Policies
windows_permission_ss6
Viewing Registry Hives
windows_permission_ss5
Editing Registry Permission
windows_permission_ss4
Adding Registry Policy Checks
windows_permission_ss3
Results of System Scan
windows_permission_ss2
Running Policy Checks

Windows Permission Identifier FAQ :

Q. How do I use the Windows Permission Identifier?

You create a policy. Choose a user you wish to test. Click Start. Export data.

Q. What does it do?

It checks permissions. If you have a user and you want to know what that user can do on the machine. Run this tool. It will tell you what the user can do to the objects selected. Read, write, execute and so on.

Q. How do I check group permissions?

Create a user and give them group access to the group you want to check. Run the test against the user.

Q. Is this sample policy check suitable for my Windows machine?

NO. The sample policy is a sample only. It does not reflect that settings we recommend. Your policy should reflect the environment and functionality of your Windows machine. For example a desktop PC for a standard office user may allow the user to have execute permission to all the *.exe files within the “program files” directory. A Windows machine being used as an EPOS system my not allow any permissions at all within the “programs file” directory.

Hidden Content
CATEGORIES
  • Nathan House

    Nathan House is the founder and CEO of StationX. He has over 25 years of experience in cyber security, where he has advised some of the largest companies in the world. Nathan is the author of the popular "The Complete Cyber Security Course", which has been taken by over half a million students in 195 countries. He is the winner of the AI "Cyber Security Educator of the Year 2020" award and finalist for Influencer of the year 2022.

    View all posts

Related Articles

iCyberChef

http://icyberchef.com/ WHATA simple, intuitive web app for analysing and decoding … iCyberChef Read More »

Read More »

  • Asir says:
    October 24, 2017 at 9:25 am

    Good stuff!
    Thanks Nathan

    Reply
  • RHiltbrunn says:
    June 7, 2018 at 5:23 am

    I’m going through your end-point class. Love it so far. Thanks for the tool!

    Reply
  • bah ishmael says:
    September 6, 2018 at 10:24 am

    great tool

    Reply
  • manoli says:
    February 24, 2020 at 8:02 pm

    Good Post.

    Reply
  • Tashi says:
    June 1, 2021 at 2:47 pm

    came here while going through end point protection course of yours. Interesting tool.

    Reply
    • >