Latest version:
Purple Knight 4.3 Community

IMPORTANT: With this release, Purple Knight is no longer backwards compatible with previous versions. Therefore, if you are still running Purple Knight 4.2 (to use the original scoring method), you have two options:

  • If you wish to continue using the original scoring method, you can continue to run Purple Knight 4.2; however this version no longer supports indicator updates.
  • If you want to continue receiving periodic indicator packages that contain new and updated indicators, you must upgrade to Purple Knight 4.3(and the new scoring method).

For more information about Purple Knight scoring method, check out “Purple Knight Scoring Improves Understanding of Identity System Vulnerabilities.

 

Version: Purple Knight 4.3 Community
  • Release Date

    Jul 2024

  • SHA256

    127FCAED5F30E999CAF8F1DDCCADF6F0711731DBAD3298746C799540EC73AB04

Please review the Purple Knight User Guide for important guidance before unzipping and executing Purple Knight.

Purple Knight is a standalone utility that queries the Active Directory and Entra ID environment and performs a set of tests against many aspects of Active Directory’s security posture, including AD delegation, account security, AD infrastructure security, Group Policy security, and Kerberos security. Purple Knight does not require any elevated or administrator permissions.

It is designed to give a quick snapshot of your hybrid Active Directory environment as an attacker would see it. Purple Knight does not make changes to Active Directory. Need help? Use the “Contact us” form to submit your question. Thank you for joining the Purple Knight community!

Resources

See all resources
Getting Started
Read more
User Guide
Read more
See all resources

Do you know your Active Directory security vulnerabilities?

Purple Knight users report an average initial security score of 61%—a barely passing grade. But users who apply the prioritized guidance provided with the assessment can systematically close AD security gaps, reducing the attack surface by up to 45%.

Read the report