Cyber Security News

InvokeADCheck – New Powershell Module for Active Directory Assessment

Orange Cyberdefense has announced the development of InvokeADCheck, a new PowerShell module designed to streamline Active Directory (AD) assessments.

Created by Niels Hofland and colleague Justin, this tool aims to address the challenges faced by IT administrators and security professionals in efficiently evaluating AD environments.

Streamlining AD Assessment Process

InvokeADCheck offers a comprehensive solution for conducting various checks to identify potential security misconfigurations, weaknesses, and deviations from best practices in Active Directory setups.

The module allows users to perform single checks, multiple checks, or execute all available checks simultaneously through the PowerShell CLI.

Key features of InvokeADCheck include:

  1. Flexible execution options
  2. Detailed results with actionable insights
  3. Multiple output formats, including CLI display and file exports
  4. Integration with the ImportExcel PowerShell module for enhanced data analysis

The tool highlights unsafe or default settings in red, making it easy for administrators to identify areas of concern quickly.

According to Orange Cyberdefense Report, users can export results to various file types, including Excel spreadsheets, for further analysis and reporting.

InvokeADCheckInvokeADCheck
View detailed user account health check results in the exported Excel file.

Development and Functionality

InvokeADCheck was developed using the ModuleBuild scaffolding framework, which helped organize existing scripts into individual private functions.

The module comprises numerous private functions handling tasks such as importing dependencies, formatting output, and performing specific AD checks.

A public function, ‘Invoke-ADCheck’, manages command-line argument parsing, prerequisite checks, and execution of selected AD checks.

The module supports multiple output types, allowing users to choose the most suitable format for their needs.

While primarily designed for smaller AD domains within a single forest, InvokeADCheck provides a streamlined solution for basic assessments.

However, users should note that it may not cover every scenario in more complex setups.

The development team acknowledges the inspiration drawn from Sean Metcalf’s Invoke-TrimarcADChecks and has carefully credited code sources in the NOTES section of each private module.

As an open-source project, InvokeADCheck is available on GitHub, inviting contributions from the cybersecurity community.

While still a work in progress, the tool offers promising capabilities for enhancing Active Directory security assessments in various environments.

Collect Threat Intelligence on the Latest Malware and Phishing Attacks with ANY.RUN TI Lookup -> Try for free

Aman Mishra

Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Recent Posts

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…

8 hours ago

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…

8 hours ago

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

SpyCloud, the leading identity threat protection company, today released an analysis of nearly 6 million…

9 hours ago

PoC Tool Released to Detect Servers Affected by Critical Apache Parquet Vulnerability

F5 Labs has released a new proof-of-concept (PoC) tool designed to help organizations detect servers…

10 hours ago

Healthcare Sector Becomes a Major Target for Cyber Attacks in 2025

The healthcare sector has emerged as a prime target for cyber attackers, driven by the…

10 hours ago

SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution

Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling…

11 hours ago