Article Excerpt
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure.
property | value |
tags | defensive-tradecraft,elastic-stack,kernel,pkm-pocket-pipeline,procedure-syscalls,process-telemetry,summarize-article |
url | |
original_word_count | 256 |
Long Summary
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. The tool is currently in its first drafts and will undergo further refinements and additions in future updates.
ADCSKiller can be used to enumerate Domain Administrators and Domain Controllers via LDAP, as well as Certificate Authorities via Certipy. It also supports exploitation of ESC1 and ESC8. In order to use the tool, Certipy and Coercer must be installed first. The tool also supports exploitation of DC Certificate Authorities, ESC2-ESC7, and ESC9-ESC11.
The tool is currently undergoing tests and refinements, and in the future it will support enumeration of principals which are allowed to dcsync, as well as automated addition of an ADIDNS entry if required. It will also support DCSync functionality.
The tool was created by Oliver Lyak for Certipy, p0dalirius for Coercer, SpecterOps for their research on ADCS, and S3cur3Th1sSh1t for bringing these attacks to the screen. ADCSKiller is a powerful tool for automating the process of discovering and exploiting Active Directory Certificate Services vulnerabilities. It is currently undergoing tests and refinements, and in the future it will support additional features.
This tool is a great resource for security professionals and researchers who are looking for a way to automate the process of discovering and exploiting ADCS vulnerabilities. It is a powerful tool that can help make the process of attacking ADCS infrastructure much simpler and more efficient.
Short Summary
š grimlockx/ADCSKiller
šš½ ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. šš½ ADCSKiller automates discovering and exploiting ADCS vulnerabilities. šš½ It leverages Certipy and Coercer to simplify the process of attacking ADCS infrastructure. šš½ The tool can enumerate Domain Administrators, Domain Controllers, and Certificate Authorities. šš½ It supports exploitation of ESC1 and ESC8. šš½ Certipy and Coercer must be installed to use the tool. šš½ ADCSKiller also supports exploitation of DC Certificate Authorities and other vulnerabilities. šš½ The tool is undergoing tests and refinements. šš½ Future updates will support enumeration of principals and DCSync functionality. šš½ ADCSKiller was created by multiple researchers and developers. šš½ The tool is a valuable resource for security professionals and researchers.
š source link: https://github.com/grimlockx/ADCSKiller
š summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/grimlockxadcskiller
#ADCSKiller #AutomateDiscovery #ExploitVulnerabilities #ActiveDirectoryCertificateServices #SecurityResearch