Comprehensive Active Directory audit covering Kerberoasting, Pass-the-Hash, privilege escalation paths, GPO misconfigurations, delegation abuse and tier-0 protection, delivered by OSEP and CRTP-certified consultants.
An Active Directory security audit identifies real attack paths in your AD environment, the exact paths attackers exploit to escalate from a compromised workstation to Domain Admin. We test Kerberos abuse (Kerberoasting, AS-REP roasting), NTLM relay, delegation misconfigurations, ACL abuse and GPO weaknesses.
Codesecure's AD audit is delivered by OSCP, OSEP and CRTP-certified consultants under signed NDA. Every engagement uses BloodHound for path analysis plus deep manual exploitation. Output includes prioritized remediation, tier-0 protection recommendations and recurring monitoring suggestions.
Active Directory is the central nervous system of most enterprise IT. Compromise of AD effectively means compromise of the entire enterprise. Real ransomware attacks against Indian enterprises consistently show: initial workstation foothold → AD enumeration → Domain Admin within 24-72 hours.
For Indian banks, manufacturers, healthcare providers and any enterprise running Windows-heavy infrastructure, AD audit is a baseline expectation. RBI examiners increasingly request AD penetration test evidence; ISO 27001 Annex A.5.15-A.5.17 covers AD-related access controls.
Comprehensive coverage of the most exploitable risk categories for this service:
Tell us about your environment and we'll send a fixed-price proposal within 48 hours under a signed NDA. No obligation. Instant response, no delay.
Book Free Scoping CallEvery engagement follows a 5-phase methodology aligned with PTES, NIST SP 800-115 and OWASP testing guides:
Free scoping call, signed NDA, fixed-price proposal in 24-48 hours. Asset discovery, OSINT, attack surface mapping.
Targeted threat models against OWASP, MITRE ATT&CK, your specific business logic and applicable compliance frameworks.
BloodHound path analysis, PowerView enumeration, Rubeus for Kerberos abuse, Impacket suite for NTLM relay, mimikatz/SharpKatz for credential extraction. Deep manual exploitation by OSCP/OSEP/CRTP-certified consultants.
Executive summary plus technical report mapped to OWASP, CVSS v3.1 and your compliance frameworks. Live walkthrough with your engineering team.
Free retest of all critical and high findings within 30 days. Formal sign-off letter and certificate. Customer data deleted 90 days after sign-off.
Every engagement ships with the same audit-ready evidence pack:
Most engagements complete in 1-2 weeks based on environment size. Instant response, no delay, we start the same day or next business day after scoping.
Free 30-minute call, NDA, fixed-price proposal, environment access and threat modeling. We start immediately after sign-off.
Automated scanning plus deep manual testing by certified consultants. Daily status updates. Critical findings flagged immediately.
Executive and technical reports delivered. Live walkthrough with engineering. Free retest scheduled within 30 days.
Fixed-price engagements based on environment size and complexity. No hidden costs, no per-finding surprises.
30-minute call with our service lead. Get a sense of fit, scoping and timeline, no sales pressure.
Schedule Free CallStandard domain user credentials suffice for most assumed-breach scenarios. For full coverage, we recommend two accounts: standard user + a separate workstation administrator equivalent. No domain admin access required.
Typically yes, by design. Many tests are intentionally noisy to validate detection capability. We coordinate with your SOC team in advance to mark expected activity. Some engagements include explicit stealth testing as a separate red team scenario.
Most AD environments complete in 1-2 weeks. Small single-domain forests: 5-7 days; mid-size with multiple domains: 10-12 days; complex multi-forest with trusts: 2 weeks. Instant response, testing starts same/next business day after scoping.
Pricing starts from INR 30,000 and varies by forest count, domain count, user/computer count and OU complexity. Fixed price after free 30-minute scoping call.
Instant response, no delay. Response within an hour during business hours, proposal within 24-48 hours under signed NDA, testing starts same/next business day after access provided.
Yes. Reports include specific tier-0 isolation recommendations, PAW (Privileged Access Workstation) setup guidance, and just-in-time admin model design where applicable. Optional follow-on implementation assistance available.
Yes. Reports are mapped to ISO 27001 Annex A.5.15-A.5.18 access control requirements and RBI Cyber Security Framework identity controls. Suitable as supervisory evidence with documented remediation.
Codesecure is ISO/IEC 27001:2022 certified. Our certified team delivers fixed-price engagements with executive-ready outcomes. Free 30-minute scoping call, instant response, no obligation.
Get a Free Scoping Call See All Services
