Certipy

Certipy is a toolkit for enumerating and abusing Active Directory Certificate Services (AD CS) with ESC1-ESC16 attack path support.

Visit Website

Visit Website

Introduction

Certipy is a powerful offensive and defensive toolkit designed for Active Directory Certificate Services (AD CS) enumeration and abuse. It's tailored for red teamers, penetration testers, and defenders to assess AD CS misconfigurations, offering comprehensive support for identifying and exploiting all known ESC1-ESC16 attack paths.

Key Features:

Discovery: Enumerate Certificate Authorities and Templates.
Misconfiguration Identification: Pinpoint AD CS misconfigurations.
Certificate Manipulation: Request and forge certificates for unauthorized access.
Authentication Bypass: Perform authentication using certificates.
NTLM Relay: Relay NTLM authentication to AD CS HTTP(S)/RPC endpoints.
Advanced Attacks: Supports Shadow Credentials, Golden Certificates, and Certificate Mapping Attacks.

Use Cases:

Red Teaming: Exploit AD CS vulnerabilities to escalate privileges and compromise the domain.
Penetration Testing: Assess the security posture of AD CS deployments.
Defensive Security: Identify and remediate AD CS misconfigurations to prevent attacks.

Back

Information

Publisher
Admin
Websitegithub.com
Published date2025/07/26

More Products

Infrastructure Security

Visit Website

GodPotato

Details

GodPotato is a privilege escalation tool for Windows, exploiting DCOM to elevate privileges to NT AUTHORITY\SYSTEM with ImpersonatePrivilege.

Internal

Infrastructure Security

Visit Website

BloodHound Query Library

Details

BloodHound Query Library appears to be a resource for pre-built queries designed for use with BloodHound, a tool for analyzing Active Directory environments.

Internal