Version 1.52 released

VERSION 1.52 (2016-06-28)
– Added new CLI options
– Updated vulnerability database
– Improved geolocation module
– Bug fixes

Retrieving geolocation data is now based not only on available WiFi networks but also on data from all installed wireless devices.

Command line interface was also updated. There are now 2 new options.

-out "file path" - report file path
-i - ignore selected vulnerabilities, misconfigurations and other information

Available ignore option strings:
admin - don't check for administrator rights
scr - don't take screenshot
cam - don't take webcam photo

There will be more ignore options in future releases.

Example usages:

Perform all scans and save the report to “c:\users\user\desktop\my_report.html”.
lastauditc.exe -sall -out "c:\users\user\desktop\my_report.html"

Scan vulnerabilities and misconfigurations without screenshot, ignoring admin user warning.
lastauditc.exe -sv -i scr,admin


Version 1.51 – faster scanning, more CLI options

VERSION 1.51 (2016-06-20)
– Added new CLI options
– Updated vulnerability database
– Faster file scanning module

File scanning module was optimized and is now several times faster.

By using command line version you can now limit reported threat levels of detected vulnerabilities, misconfigurations or sensitive files.
Use -l option followed by comma-separated list of threat levels.

There are 4 threat levels:
Level 1 (red) – Critical vulnerabilities, misconfigurations and sensitive information. You should immediately fix or protect these.
Level 2 (orange)- Important vulnerabilities and sensitive information.
Level 3 (blue) – Valuable information that may be exploited for further attacks.
Level 4 (green) – Information of potential value for attackers.

Following example forces lastauditc.exe to perform all scans but reports only level 1 and level 2 threats:

lastauditc -sall -l 1,2

v1.5 + command line interface

VERSION 1.5 (2016-06-10)
– Added command line interface
– Updated file searching module
– Updated vulnerability database

This release adds command-line usability features.

Usage: lastauditc [scan type(s)] [options]
Scan types:
-sall - all scans
-sv - vulnerabilities, misconfigurations
-sf <disks letters> - filesystem
-sad - Active Directory
-slan <network strings> - LAN
-v - verbose

Usage examples:

Scan vulnerbilities and misconfigurations only
lastauditc -sv

Scand C and Y disks in verbose mode
lastaucitc -sf C,Y -v

Scan selected LANs (subnets that contain “192.168” octets) and Active Directory
lastaudit -sad -slan 192.168

Download command line version

Download GUI version

Version 1.4 released

– Added detection of encrypted Office files
– Added detection of encrypted Zip files
– Added detection of mobile apps
– Added listing of file extensions and associated apps
– Improved LAN scanning module
– Updated vulnerability database
– Updated file searching module
– Minor UI and report template changes

LAN scannig module was finally improved. Now it is based on multiple threads which means it scans network many times faster.


Detection of encrypted Office documents and zip archives was included in “blue” category indicating information valuable to a hacker who can get passwords to these files by installing keylogger on your workstation.

Version 1.3 released

– Added detection of encrypted containers
– Added image tags geolocation
– Improved database parsing module
– Updated file searching module
– Updated vulnerability database

LastAudit is now able to collect GPS tags from images and present them on a map. The map will show geographic positions of the places where pictures were taken. Only pictures 1900 pixels wide or above are analyzed.


Another new feature is the ability to detect Truecrypt/Veracrypt (or other possible encrypted) containers. Detection is based on size and randomness of these files.


There where also some improvements of database parsing module which now lets you see table lists from MS Access files.