gpo-abuse
Official
Exploit GPOs for AD control.
Software Engineering
#privilege escalation #lateral movement #active directory #gpo abuse #group policy #sysvol
Author: blacklanternsecurity
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps penetration testers leverage misconfigurations in Active Directory Group Policy Objects (GPOs) to gain code execution, escalate privileges, and move laterally within a network.
Core Features & Use Cases
- GPO Enumeration: Discover GPOs with write permissions using tools like GPOHound and PowerView.
- Exploitation: Deploy malicious code via immediate tasks, logon scripts, or registry keys.
- Persistence & Lateral Movement: Establish a foothold and expand access by abusing GPO settings.
- GPP Password Extraction: Recover encrypted passwords from Group Policy Preferences.
- Use Case: An attacker identifies a GPO that grants them write access. They modify it to include a scheduled task that executes a reverse shell on all linked computers, granting SYSTEM-level access.
Quick Start
Use the gpo-abuse skill to enumerate GPO permissions for the current domain.
Dependency Matrix
Required Modules
None required
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: gpo-abuse Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#gpo-abuse Please download this .zip file, extract it, and install it in the .claude/skills/ directory.