Tools

– certi – impacket copy of Certify to abuse AD CS. – ADCSKiller – automated discovery and exploitation of AD CS abuses. – PKINITools – repo contains some utilities for playing with PKINIT and certificates. – PoshAD CS – proof of concept on attack vectors against Active Directory by abusing AD CS. – ForgeCert - forge certificates for any user using compromised CA certificate and private keys. – pyForgeCert – Python equivalent of ForgeCert. – modifyCertTemplate – Python equivalent with more manual granular control of ForgeCert. – CarbonCopy – creates a spoofed certificate of any online website and signs an Executable for AV Evasion. – KrbRelayUp – a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).