trust-attacks
OfficialExploit AD trust relationships for escalation.
Software Engineering#privilege escalation#kerberos#active directory#trust relationships#sid history#forest trust
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps penetration testers identify and exploit weaknesses in Active Directory trust relationships to gain elevated privileges across domains and forests.
Core Features & Use Cases
- Trust Enumeration: Discover and analyze various types of AD trusts (forest, external, parent-child).
- SID History Injection: Forge tickets to impersonate users in trusted domains, bypassing security boundaries.
- Inter-Realm TGT Forging: Leverage trust account keys to authenticate into other domains.
- PAM Trust Exploitation: Exploit shadow principals in bastion forests for broad access.
- Use Case: After identifying a forest trust with SID filtering disabled, use this Skill to forge a golden ticket with the Enterprise Admins SID of the parent forest, granting immediate high-level access.
Quick Start
Use the trust-attacks skill to enumerate all trust relationships in the current Active Directory environment.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: trust-attacks Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#trust-attacks Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.