adcs-template-abuse
OfficialImpersonate domain users via AD CS abuse.
Software Engineering#privilege escalation#impersonation#active directory#adcs#certificate services#esc1#esc6
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps penetration testers exploit misconfigured Active Directory Certificate Services (AD CS) to impersonate domain users, bypassing security controls.
Core Features & Use Cases
- Exploit AD CS Misconfigurations: Leverages various ESC (Escalated Certificate Services) vulnerabilities (ESC1, ESC2, ESC3, ESC6).
- Impersonate Domain Users: Obtain certificates to authenticate as arbitrary domain principals.
- Use Case: A tester identifies a vulnerable AD CS template. They use this Skill to request a certificate for a high-privilege user (e.g., 'administrator'), then use that certificate to authenticate to domain services as that user.
Quick Start
Use the adcs-template-abuse skill to find vulnerable AD CS templates on the domain controller at 10.0.0.5.
Dependency Matrix
Required Modules
certipyCertify.exeRubeuscertutilgetTGT.pygettgtpkinit.pygetnthash.py
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: adcs-template-abuse Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#adcs-template-abuse Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.