🥰Methodology

• Use built-in tools and external tools to enumerate the AD CS CA and its various template configurations.

• Enumerate, understand, and find common and complex AD CS misconfigurations for abuse.

• Explore interconnected attack chains as seen in enterprise environments.

• Analyse certificates to parse and extract useful information from them.

• Enumerate alternate Certification Authorities.

After gaining a foothold on a machine/environment we need to enumerate the local machine to escalate privileges.