Skip to content

v2025.1.1
Compare
Choose a tag to compare
@jakehildreth jakehildreth released this 01 Jan 16:14
· 44 commits to main since this release
v2025.1.1
0319732
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

New Year, New Features!

Hello, friends!

It's now 2025 which is officially the future. And in the future, your open-source AD CS auditing tools should provide risk ratings for their findings. So... that's what you're getting with this release of Locksmith!

Risk Ratings

Every identified issue includes a risk score which maps to a risk level according to the following scale:

  • 0-1: Informational
  • 2: Low
  • 3: Medium
  • 4: High
  • 5+: Critical

Note: These ratings are mostly correct, but assigning risk to highly complex systems is highly complex. 🤷 Expect more tuning in the future. But if you run Locksmith with no parameters defined or -Mode 0 and you see a risk rating that doesn't make sense to you, try -Mode 1. This mode includes a full breakdown of the risk score so you can better understand it.

More Interactive

Another new addition: in Modes 1, 3, and 4 Locksmith will ask you questions whenever it discovers an ESC1. These questions will help Locksmith provide customized remediation for your specific use case.

DevOps?

Additionally, @SamErde is now the official Locksmith CI/CD wizard! His first task as wizard was to automate the creation of an MkDocs site for Locksmith. You can check it out at its temporary home, but don't get too attached to that URI as it will be moving in the future.

More Community!

Finally, we had a few new contributors in this release:

Thanks for finding and fixing stuff, folks!

Until Next Release!
@TrimarcJake (Jake Hildreth)

Full Changelog: v2024.11.11...v2025.1.1

Contributors

JimSycurity, SamErde, and 2 other contributors
Assets 4
Loading