This tool enables administrators and penetration testers to review and audit the permissions of users on a Windows machine.
- System Requirements: Windows 2000 or higher
- Version: 1.0
- Released: 17th January 2006
Windows Permission Identifier can check;
- File ACLs
- Folder ACLs
- Registry ACLs
- Services Permissions
- Installation rights
- Internet Access and so on.
The GUI enables the administrator to create policies that can be saved in XML format. The Windows machines permissions are then checked against this policy. Administrators are able to run checks against existing organizational Windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed.
Windows Permission Identifier Screen-shots :
Windows Permission Identifier FAQ :
Q. How do I use the Windows Permission Identifier?
You create a policy. Choose a user you wish to test. Click Start. Export data.
Q. What does it do?
It checks permissions. If you have a user and you want to know what that user can do on the machine. Run this tool. It will tell you what the user can do to the objects selected. Read, write, execute and so on.
Q. How do I check group permissions?
Create a user and give them group access to the group you want to check. Run the test against the user.
Q. Is this sample policy check suitable for my Windows machine?
NO. The sample policy is a sample only. It does not reflect that settings we recommend. Your policy should reflect the environment and functionality of your Windows machine. For example a desktop PC for a standard office user may allow the user to have execute permission to all the *.exe files within the “program files” directory. A Windows machine being used as an EPOS system my not allow any permissions at all within the “programs file” directory.