Since the launch of Incognito in 2007, the importance of Windows access tokens has become well understood by the information security community. Their potential for abuse, typically in a post-exploitation environment to achieve privilege escalation, is clearly demonstrated by Incognito and its accompanying Metasploit module.
The original project aimed to provide a tool to accurately assess the risk posed by Windows access tokens. Now widely used by penetration testers during active security assessments, the tool achieved what it set out to do. However, there is a feeling that the tool's effectiveness could be enhanced with some small updates. These are planned for early 2012, and we are now seeking input from the community on features and bugs they would like to see addressed.
DM your ideas to us @mwrlabs – the best five ideas win a Lego Ninja!