
Active Directory & Password Review

Most internal breaches don't end in a server compromise - they end in a domain compromise. Pentiq's Active Directory & Password Review audits the on-premises and hybrid identity estate that real attackers target: forest design, delegation, ACLs, kerberoastable accounts, and the password hygiene that decides how fast the chain moves. Available as a standalone engagement or paired with an internal infrastructure test.

What we test

Audit the identity layer most internal breaches escalate through.

Forest and domain design, OU hierarchy, Group Policy Objects, delegation and ACL relationships, kerberoastable and AS-REP-roastable accounts, and offline credential strength. Configuration is benchmarked against Microsoft Security Baselines and CIS, with controlled privilege-escalation simulations evidencing real-world risk.

Why it matters

The pressure this service answers.

Active Directory is the single most-targeted identity layer in enterprise IT. A weak ACL, an over-delegated service account, or a stale password policy can collapse a healthy network into domain dominance in hours. Most clients haven't audited it cohesively in years.

Testing activities

Manual, reproducible, peer-reviewed.

Every engagement is scoped through a formal Rules of Engagement, delivered by an in-house Pentiq consultant, peer-reviewed by a senior tester, and risk-rated using CVSS 4.0 where applicable.

  • Pre-engagement scoping of domains, trusts, and dictionary sources
  • Enumeration of schema, OU hierarchy, and Group Policy Objects using PowerView and BloodHound
  • Offline cracking of NTLM/Kerberos hashes; Kerberoast and AS-REP roast tests
  • Controlled privilege-escalation simulations (ACL abuse, delegation, SID-history)
  • Baseline review of password, lock-out, and smart-card policies
  • Hybrid-identity coverage where Entra ID/Azure AD federation is in scope
  • Post-assessment debrief covering remediation and CVSS-mapped reporting

Methodologies & frameworks

The standards behind every report.

Every report aligns to the methodologies and frameworks your assessors, customers, and insurers already recognise, so findings are defensible, reproducible, and easy to validate.

  • CREST Infrastructure methodology
  • Microsoft Security Baselines
  • CIS Microsoft Windows Benchmarks
  • MITRE ATT&CK (Privilege Escalation and Credential Access)
  • NIST SP 800-53 IA and AC families

Outcomes

What you walk away with.

  • Quantifies credential risk and password strength across the estate
  • Identifies domain-trust and delegation weaknesses before they're exploited
  • Accelerates zero-trust and identity-modernisation programmes
  • Prioritised remediation tasks with measurable improvement KPIs
  • Available standalone or alongside an internal infrastructure engagement

Get started

Talk to Pentiq about an Active Directory & Password Review.

Most enquiries get a same working day response from a Pentiq consultant. We'll scope honestly and tell you when an alternative service is the right answer.