TestimoX
Active Directory Security Assessment Suite

Assess, Monitor & Secure
Your AD Infrastructure

Live rule catalog coverage across forest, domain, and domain controller scopes. Security scoring, HTML reports, continuous monitoring, and PowerShell automation. Run it yourself or engage Evotec for a delivered end-to-end audit.

Get Started Free Plan an Audit
$ TestimoX.exe --all --html-path C:\Reports\TestimoX.html
354 Generated Rules
3 Assessment Scopes
4 Integrated Products
3 Automation Surfaces
12 TestimoX Cmdlets
13 Monitoring Probe Types
The Suite

4 Integrated Products

Assessment, monitoring, Active Directory analysis, and Windows host inspection working together as one TestimoX suite.

Core Engine Most Popular

TestimoX

The core AD security assessment engine with a generated rule catalog, scoring system, and rich HTML reports. Evaluate forest, domain, and domain controller security posture in minutes.

  • Generated C# and PowerShell rule catalog
  • Security, Health, and Overall scoring
  • HTML, JSON, Word, and Excel exports
  • Configurable rule filtering and overrides
  • Durable results store with timeline comparisons
$ TestimoX.exe --all --json C:\Reports\TestimoX.json
Learn more about TestimoX →
Continuous Monitoring New

TestimoX.Monitoring

Continuous infrastructure monitoring for DNS, LDAP, Kerberos, ADWS, replication, reachability, and related AD service health between deeper assessment runs.

  • Configurable protocol and service probes across AD infrastructure
  • Configurable monitoring targets
  • Alert notifications
  • Monitoring dashboard and reports
  • Auto-pilot scheduling (Enterprise)
$ testimox-monitoring --config monitoring.json
Learn more about TestimoX.Monitoring →
AD Analysis

ADPlayground

Low-privilege Active Directory analysis toolkit. Gather users, computers, groups, GPOs, trusts, PKI templates, and replication data without administrative rights.

  • Broad PowerShell and .NET automation surface
  • GPO analysis without COM dependencies
  • User, Computer, and Group typed views
  • Trust posture and replication checks
  • LAPS deployment inventory
$ Install-Module ADPlayground
Learn more about ADPlayground →
System Inventory

ComputerX

Windows system inventory and health toolkit. Query WMI, registry, services, patches, audit policy, firewall rules, and Defender status on local and remote machines.

  • Broad PowerShell and .NET automation surface
  • WMI and Registry readers (local/remote)
  • MSRC patch details and update gap detection
  • Audit policy and security configuration
  • SMB, Firewall, and Defender management
$ Install-Module ComputerX
Learn more about ComputerX →
Capabilities

Everything You Need for AD Security

From one-time assessments to continuous monitoring and compliance reporting.

Security Assessment

🛡️

Built-in Rules

Generated catalog coverage across Kerberos, LDAP, GPO, PKI, trusts, and privileged access.

📊

Scoring System

Security Score, Health Score, and Overall Score with severity-rated results.

📄

Rich Reports

HTML, JSON, Word, and Excel exports with configurable sections and branding.

⚙️

Configurable Rules

Filter by baseline, profile, category, tag, or cost. Override parameters and thresholds.

Monitoring & Alerting

📡

Probe Coverage

Protocol and service monitoring across DNS, LDAP, Kerberos, NTP, HTTPS, ADWS, replication, reachability, and related health signals.

🔔

Notifications

Alert when probes detect issues or thresholds are exceeded.

📈

Dashboards

Monitoring reports with probe status, trends, and certificate tracking.

🤖

Auto-Pilot

Enterprise adaptive scheduling with automatic concurrency and retry tuning.

Active Directory

👥

Users & Computers

Typed views for account hygiene, password policies, delegation, and LAPS.

📋

GPO Analysis

COM-free Group Policy analysis including linked GPOs, WMI filters, and permissions.

🔗

Trusts & Replication

Inter-domain trust posture validation and DC replication health checks.

🔐

PKI & Certificates

Certificate template security, expiration tracking, and CA configuration.

Developer Experience

💻

C# API

Full .NET API with fluent RuleBuilder, TestBuilder, and ReportViewBuilder.

PowerShell Modules

TestimoX, ADPlayground, and ComputerX modules for assessment runs, AD analysis, and Windows host inspection.

🖥️

CLI & Service

Command-line tool, Windows Service, and monitoring agent deployment options.

🧩

Extensible Rules

Write custom rules in C# or PowerShell with the rule authoring framework.

Rule Engine

Generated Rule Catalog

Comprehensive checks across every layer of your Active Directory infrastructure.

Domain Security

Kerberos Weak Encryption

Detects accounts configured to use RC4 or DES encryption types, which are vulnerable to offline cracking attacks.

High
Forest Configuration

AD Recycle Bin

Verifies that the Active Directory Recycle Bin feature is enabled for safe object recovery.

Elevated
Domain Controller Health

DC Replication Status

Checks that all domain controllers are replicating successfully without errors or excessive latency.

Severe
Domain Compliance

LAPS Deployment Coverage

Measures the percentage of domain-joined computers with Local Admin Password Solution deployed and active.

Informational
Explore the live rule catalog →
Scoring System

Actionable Security Scores

Every rule produces a severity-rated result that rolls up into three aggregate scores.

Severity Levels

Good Passes check
Informational Advisory only
Elevated Attention needed
High Significant risk
Severe Critical issue

Aggregate Scores

Security Score

Weighted score from security-critical rules like Kerberos, LDAP signing, and privileged group membership.

Health Score

Measures infrastructure health including replication, backups, DNS, and domain controller status.

Overall Score

Combined assessment across all scopes providing a single posture indicator for your AD environment.

Multiple Interfaces

Use It Your Way

CLI, PowerShell, or C# API - choose the interface that fits your workflow.

# Start the interactive assessment flow
TestimoX.exe

# Run the curated AD security profile and save JSON output
TestimoX.exe --profile AdSecurityAssessment --json .\Reports\TestimoX.json

# Export the generated rule catalog for docs or tooling
TestimoX.exe export-rule-catalog --output .\Website\data\rules.json

# Inspect the currently available rules
TestimoX.exe --list-rules
# Import and run the curated assessment profile
Import-Module TestimoX
Invoke-TestimoX -Profile AdSecurityAssessment -HtmlReportPath 'C:\Reports\TestimoX.html'

# List rules and review the migration inventory
Get-TestimoXConfig -ListRules | Format-Table Name, SourceType, EnabledByDefault
Get-TestimoXRuleOverview -Inventory | Format-Table Name, Type, State

# Run a targeted set of rules
Invoke-TestimoX -IncludeRules 'ForestRecycleBinAndLifetimes','DomainPasswordPolicy'
using TestimoX.Execution;

var catalog = await ToolingRuleService.DiscoverRulesAsync(new ToolingRuleDiscoveryRequest
{
    IncludeDisabled = true,
    Categories = new[] { "Security" }
});

Console.WriteLine($"Catalog rows: {catalog.ReturnedCount}");

var run = await ToolingRuleService.RunRulesAsync(new ToolingRuleRunRequest
{
    RuleNames = new[] { "ForestRecycleBinAndLifetimes" },
    IncludeRuleData = false,
    IncludeFilteredRuleData = false,
    IncludeExcludedRuleData = false
});

Console.WriteLine($"Executed rules: {run.ExecutedRuleCount}");
# Generate a daily service.json scaffold
Get-TestimoXService -Path 'C:\Configs\service.json' -Mode Daily -DailyTimes 01:00 -EnableAdSnapshot

# Apply it locally and restart the service
Set-TestimoXService -Name TestimoX -ConfigPath 'C:\Configs\service.json' -Restart

# Connect to the management API and preview upcoming runs
Connect-TestimoXService -Url 'http://127.0.0.1:7809/' -ApiKey (Get-Content C:\secret.txt -Raw)
Get-TestimoXService -WhatIfNext 5
Ecosystem

One Suite, Multiple Operational Layers

TestimoX, TestimoX.Monitoring, ADPlayground, and ComputerX cover assessment, continuous visibility, AD analysis, and Windows host inspection end to end.

Assessment Core

TestimoX runs the rule catalog, scoring, reporting, and evidence-driven assessment workflow.

Continuous Monitoring

TestimoX.Monitoring watches critical protocols, services, and infrastructure health between assessment runs.

Automation & Data Layers

ADPlayground and ComputerX provide the directory and Windows data collection layers that power TestimoX and support direct automation.

Explore the ecosystem →

Enterprise-Grade Security Assessment

Offline-First Licensing Portable .txlic files, no online activation required
No Cloud Dependency All data stays on your network, nothing leaves your environment
Delivered Audit Option Use the software yourself or let Evotec run the assessment and hand back a full review
Free Community Edition Core security checks available at no cost, forever
See It In Action

Reports, Dashboards & CLI

TestimoX produces rich HTML reports, monitoring dashboards, and detailed CLI output.

HTML Assessment Report

HTML Assessment Report

Rich, interactive HTML report with collapsible sections, severity badges, and scoring summaries for forest, domain, and DC assessments.

Report HTML Assessment
Monitoring Dashboard

Monitoring Dashboard

Real-time probe status dashboard showing DNS, LDAP, Kerberos, and certificate health across your infrastructure.

Monitoring Dashboard Probes
CLI Assessment Output

CLI Assessment Output

Spectre.Console-powered terminal output with colored severity indicators, progress bars, and structured results.

CLI Terminal Assessment
View full showcase →

Run It Yourself or Let Us Deliver It

Start with the free Community Edition, compare licensing, or talk to us about a delivered end-to-end audit engagement.

Get Started Free Plan an Audit