Article Excerpt
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure.
property | value |
tags | active-directory,offensive-tradecraft,tactic-ad-attack,tradecraft-tool |
url | |
original_word_count | 256 |
Long Summary
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. The tool is currently in its first drafts and will undergo further refinements and additions in future updates.
ADCSKiller can be used to enumerate Domain Administrators and Domain Controllers via LDAP, as well as Certificate Authorities via Certipy. It also supports exploitation of ESC1 and ESC8. In order to use the tool, Certipy and Coercer must be installed first. The tool also supports exploitation of DC Certificate Authorities, ESC2-ESC7, and ESC9-ESC11.
The tool is currently undergoing tests and refinements, and in the future it will support enumeration of principals which are allowed to dcsync, as well as automated addition of an ADIDNS entry if required. It will also support DCSync functionality.
The tool was created by Oliver Lyak for Certipy, p0dalirius for Coercer, SpecterOps for their research on ADCS, and S3cur3Th1sSh1t for bringing these attacks to the screen. ADCSKiller is a powerful tool for automating the process of discovering and exploiting Active Directory Certificate Services vulnerabilities. It is currently undergoing tests and refinements, and in the future it will support additional features.
This tool is a great resource for security professionals and researchers looking to automate the process of discovering and exploiting ADCS vulnerabilities. It is a powerful tool that can help simplify the process of attacking ADCS infrastructure.
Short Summary
š grimlockx/ADCSKiller
šš½ ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. šš½ ADCSKiller automates discovery and exploitation of ADCS vulnerabilities. šš½ It uses features of Certipy and Coercer to simplify the process. šš½ It can enumerate Domain Admins, Domain Controllers, and Certificate Authorities. šš½ ADCSKiller supports exploitation of ESC1-ESC11. šš½ Certipy and Coercer must be installed to use the tool. šš½ It is currently undergoing tests and refinements. šš½ Future updates will support additional features. šš½ The tool was created by a group of researchers and security professionals. šš½ ADCSKiller is a powerful resource for discovering and exploiting ADCS vulnerabilities. šš½ It can help simplify the process of attacking ADCS infrastructure.
š source link: https://github.com/grimlockx/ADCSKiller
š summarized content: https://hut.threathunterz.com/battlefield-intel/tradecraft-tools/grimlockxadcskiller
#ADCSKiller #PythonTool #AutomatedVulnerabilityDiscovery #ADCSExploitation #SecurityResearch