ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services ADCS vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is...

Active Directory Certificate Services (ADCS) privilege escalation (Certifried)

This module exploits a privilege escalation vulnerability in Active Directory Certificate Services ADCS to generate a valid certificate impersonating the Domain Controller DC computer account. This certificate is then used to authenticate to the target as the DC account using PKINIT...

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Alternative video link for Russia: $ cat...

Masky - Python Library With CLI Allowing To Remotely Dump Domain User Credentials Via An ADCS Without Dumping The LSASS Process Memory

Masky is a python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS. A command line tool has been built on top of this library in order to easily gather PFX, NT hashes and TGT on a larger scope. This tool does not exploit any new vulnerability and...

modifyCertTemplate - ADCS Cert Template Modification And ACL Enumeration

This tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can be leveraged for privilege escalation and then reset the template to its previous state afterwards. This is specifically designed for a scenario where WriteProperty rights over ...