AD CS Attacks Tools

- Certi Impacket copy of Certify to abuse AD CS. – ADCSKiller automated discovery and exploitation of AD CS abuses.

– The PKINIT Tools repo contains some utilities for playing with PKINIT and certificates.

– PoshAD CS proof of concept on attack vectors against Active Directory by abusing AD CS.

– ForgeCert forge certificates for any user using compromised CA certificates and private keys.

– pyForgeCert Python equivalent of ForgeCert – modifyCertTemplate Python equivalent with more manual granular control of ForgeCert

– CarbonCopy creates a spoofed certificate of any online website and signs an Executable for AV Evasion.

– KrbRelayUp is a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).

Last updated