PSPKIAudit
Overview
PSPKIAudit is a PowerShell module designed for auditing Active Directory Certificate Services (AD CS) infrastructure. It provides a set of cmdlets to help identify misconfigurations and potential vulnerabilities in AD CS deployments.
Key Features
- Enumerate and analyze certificate templates
- Identify misconfigured CA settings
- Detect vulnerable PKI object permissions
- Assess overall AD CS security posture
- Generate detailed reports of findings
Advertisement Placeholder
Usage Example
Here's a basic example of how to use PSPKIAudit to audit certificate templates:
Import-Module PSPKIAudit Get-PKICertificateTemplate | Where-Object $_.EnrollmentFlag -eq 'CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT'This command will list all certificate templates where the enrollee can supply the subject, which could be a potential security risk.