Scanner

How to scan workstations quickly
Home » Documentation » Scanner

Checking workstations for local admin privileges, open shares, startup time is usually complex and requires an admin. PingCastle’s scanner bypass these classic limits.

Prerequisites

AD connectivity

Access to the Active Directory via a local account or an account from a trusted domain

No local requirements

PingCastle requires only the dotnet framework version 2 available starting from Windows 2000

No domain requirements

Any users can query the objects stored in the domain or the GPO objects.

Build it

The report can be generated in the interactive mode by choosing “scanner” or just by pressing Enter. Then the list of available scanner is displayed.

As an alternative, the scanner can be run using the command:

PingCastle.exe --scanner <type> --server mydomain.com
Download an example

The export menu can be triggered in the interactive mode by choosing “export” or just by pressing Enter. Then the list of available export is displayed.

As an alternative, the export can be run using the command:

PingCastle.exe --export <type> --server mydomain.com

Scanners

There is 6 available scanners.

This module enumerates the local admin accounts on the workstations and servers of the domain.

Scan for the famous wannacry vulnerability.

It should trigger an antivirus alert. Please note that the vulnerability is not exploited at all.

Check for replication USN consistency.

Scan for local share and indicates if the share can be read by anyone.

Check for the version of the protocol SMB (used for file share) available.

The SMB signing status is indicagted.

Check for the computer startup date.