Windows Permission Identifier

This tool enables administrators and penetration testers to review and audit the permissions of users on a Windows machine.

  • System Requirements: Windows 2000 or higher
  • Version: 1.0
  • Released: 17th January 2006

Windows Permission Identifier can check;

  • File ACLs
  • Folder ACLs
  • Registry ACLs
  • Services Permissions
  • Shares
  • Installation rights
  • Internet Access and so on.

The GUI enables the administrator to create policies that can be saved in XML format. The Windows machines permissions are then checked against this policy. Administrators are able to run checks against existing organizational Windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed.

Table Of Contents

Add a header to begin generating the table of contents

Windows Permission Identifier Screen-shots :

Creating Policies
Viewing Registry Hives
Editing Registry Permission
Adding Registry Policy Checks
Results of System Scan
Running Policy Checks

Windows Permission Identifier FAQ :

Q. How do I use the Windows Permission Identifier?

You create a policy. Choose a user you wish to test. Click Start. Export data.

Q. What does it do?

It checks permissions. If you have a user and you want to know what that user can do on the machine. Run this tool. It will tell you what the user can do to the objects selected. Read, write, execute and so on.

Q. How do I check group permissions?

Create a user and give them group access to the group you want to check. Run the test against the user.

Q. Is this sample policy check suitable for my Windows machine?

NO. The sample policy is a sample only. It does not reflect that settings we recommend. Your policy should reflect the environment and functionality of your Windows machine. For example a desktop PC for a standard office user may allow the user to have execute permission to all the *.exe files within the "program files" directory. A Windows machine being used as an EPOS system my not allow any permissions at all within the "programs file" directory.

Level Up in Cyber Security: Join Our Membership Today!

vip cta image
vip cta details
  • Nathan House

    Nathan House is the founder and CEO of StationX. He has over 25 years of experience in cyber security, where he has advised some of the largest companies in the world. Nathan is the author of the popular "The Complete Cyber Security Course", which has been taken by over half a million students in 195 countries. He is the winner of the AI "Cyber Security Educator of the Year 2020" award and finalist for Influencer of the year 2022.

  • Asir says:

    Good stuff!
    Thanks Nathan

  • RHiltbrunn says:

    I’m going through your end-point class. Love it so far. Thanks for the tool!

  • bah ishmael says:

    great tool

  • manoli says:

    Good Post.

  • Tashi says:

    came here while going through end point protection course of yours. Interesting tool.

  • Dalvizar says:

    i was from your first volume, seond volume, and third volume endpoint class student
    I hope I can get this tool to audit my company’s system


  • Oscar says:

    How can I download this tool? I don’t see the download link on this page.

  • >