[b16]

Local Area Security Audit Tool

https://lastaudit.wordpress.com

Free, portable, automatic Windows security configuration scannig tool.

For pentesters – shows security configuration errors and sensitive information stored on host.
For home users – reveals what information can be accessed, stolen and used by malware authors.

Reporting features:
– Wrong security configuration, permissions and vulnerabilities
– Saved passwords
– Browser history and cookies
– Sensitive information from documents, credential files, Active Directory, network resources and shares
– WiFI audit
– Simple LAN port scanning

Beta version, new features will be available soon.

[b16]

Version 1.0 released
Here you can see some screentshots https://lastaudit.wordpress.com/screenshots/

[b16]

Another release published.

Version 1.1, new features added:
- Verifies Firewall settings
- Verifies Autoupdate settings
- Detects bypass UAC vulnerability
- Parses MSG and EML files and shows email details
- Lists Outlook address book entries
- Shows keywords detected in sensitive files

Hope you find it useful.
Feel free to contact me or write a post here if you have any suggestions.

[b16]

version 1.2 released with improved UI

[b16]

Version 1.5 released.
This release adds command-line usability features.

More details: https://lastaudit.wordpress.com/blog/

[b16]

Version 1.52 - improved command-line interface, faster scanning.

Code: Select all

Usage: lastauditc <scan type(s)> [options]
Scan types:
-sall - all scans
-sv - vulnerabilities, misconfigurations
-sf <disks letters> - filesystem
-sad - Active Directory
-slan <network strings> - LAN
Options:
-v - verbose
-l <comma-separated level numbers> - threat levels
-out "file path" - report file path
-i - ignore selected vulnerabilities, misconfigurations and other information
Available ignore option strings:
admin - don't check for administrator rights
scr - don't take screenshot
cam - don't take webcam photo

Usage examples:

Scan vulnerbilities and misconfigurations only

Code: Select all

lastauditc -sv

Scand C and Y disks in verbose mode

Code: Select all

lastauditc -sf C,Y -v

Scan selected LANs (subnets that contain “192.168” octets) and Active Directory

Code: Select all

lastauditc -sad -slan 192.168

Perform all scans reporting only level 1 and level 2 threats:

Code: Select all

lastauditc -sall -l 1,2

Perform all scans and save the report to “c:\users\user\desktop\my_report.html”.

Code: Select all

lastauditc.exe -sall -out "c:\users\user\desktop\my_report.html"

Scan vulnerabilities and misconfigurations without screenshot, ignoring admin rights warning.

Code: Select all

lastauditc.exe -sv -i scr,admin