{"id":36737,"date":"2025-02-27T11:22:58","date_gmt":"2025-02-27T11:22:58","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=36737"},"modified":"2025-02-28T05:20:47","modified_gmt":"2025-02-28T05:20:47","slug":"locksmith","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/locksmith\/","title":{"rendered":"Locksmith : A Tool For Securing Active Directory Certificate Services"},"content":{"rendered":"\n<p><a href=\"https:\/\/kalilinuxtutorials.com\/tag\/locksmith\/\" target=\"_blank\" rel=\"noreferrer noopener\">Locksmith <\/a>is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). <\/p>\n\n\n\n<p>AD CS is a Microsoft Windows Server role that provides Public Key Infrastructure (PKI) for managing digital certificates, which are used for authentication, encryption, and secure communication. <\/p>\n\n\n\n<p>Misconfigurations in AD CS can lead to severe security risks, including privilege escalation and domain compromise.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Key Features And Functions Of Locksmith<\/strong><\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Misconfiguration Detection<\/strong>:<br>Locksmith scans Active Directory forests to identify misconfigurations in certificate templates, permissions, and registry settings. These issues can allow attackers to escalate privileges or exploit weak certificate mappings.<\/li>\n\n\n\n<li><strong>Remediation Options<\/strong>:<br>The tool provides several modes for addressing vulnerabilities:\n<ul class=\"wp-block-list\">\n<li><strong>Mode 0<\/strong>: Identifies issues and outputs them in a console table.<\/li>\n\n\n\n<li><strong>Mode 1<\/strong>: Lists detected issues along with suggested fixes.<\/li>\n\n\n\n<li><strong>Mode 2 &amp; 3<\/strong>: Outputs results to CSV files for documentation or further analysis.<\/li>\n\n\n\n<li><strong>Mode 4<\/strong>: Automatically identifies and fixes all misconfigurations, warning users of potential operational impacts.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Customizable Scans<\/strong>:<br>Users can specify which vulnerabilities to scan using the <code>-Scans<\/code> parameter. Options include targeting specific paths like ESC1 (Enterprise CA Security) or conducting comprehensive audits.<\/li>\n\n\n\n<li><strong>Ease of Use<\/strong>:<br>Locksmith is available as a <a href=\"https:\/\/github.com\/jakehildreth\/Locksmith\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">PowerShell <\/a>module or standalone script, making it accessible for both automated and manual use. It supports domain-joined systems and requires administrative rights for certain checks.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Importance Of Locksmith<\/strong><\/h2>\n\n\n\n<p>AD CS misconfigurations are common due to the complexity of PKI management. Attackers often exploit these vulnerabilities to gain unauthorized access or escalate privileges within an organization. <\/p>\n\n\n\n<p>Locksmith addresses this by offering both detection and remediation capabilities, helping administrators secure their environments effectively.<\/p>\n\n\n\n<p>By regularly auditing AD CS configurations with tools like Locksmith, organizations can minimize risks, enforce best practices, and maintain the integrity of their Active Directory infrastructure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is a Microsoft Windows Server role that provides Public Key Infrastructure (PKI) for managing digital certificates, which are used for authentication, encryption, and secure communication. Misconfigurations in AD CS can lead to severe security risks, [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":36742,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20,5840,43],"tags":[737,6321,6052,6325,7190],"class_list":["post-36737","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","category-penetration-testing-tools","category-vulnerability-analysis-tools","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools","tag-locksmith"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Locksmith : A Tool For Securing Active Directory Certificate<\/title>\n<meta name=\"description\" content=\"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/locksmith\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Locksmith : A Tool For Securing Active Directory Certificate\" \/>\n<meta property=\"og:description\" content=\"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/locksmith\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-27T11:22:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-28T05:20:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"Locksmith : A Tool For Securing Active Directory Certificate Services\",\"datePublished\":\"2025-02-27T11:22:58+00:00\",\"dateModified\":\"2025-02-28T05:20:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/\"},\"wordCount\":290,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\",\"Locksmith\"],\"articleSection\":[\"Cyber security\",\"Pentesting Tools\",\"Vulnerability Analysis\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/locksmith\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/\",\"name\":\"Locksmith : A Tool For Securing Active Directory Certificate\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp\",\"datePublished\":\"2025-02-27T11:22:58+00:00\",\"dateModified\":\"2025-02-28T05:20:47+00:00\",\"description\":\"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/locksmith\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp\",\"width\":1600,\"height\":900},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Locksmith : A Tool For Securing Active Directory Certificate","description":"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/locksmith\/","og_locale":"en_US","og_type":"article","og_title":"Locksmith : A Tool For Securing Active Directory Certificate","og_description":"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is","og_url":"https:\/\/kalilinuxtutorials.com\/locksmith\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2025-02-27T11:22:58+00:00","article_modified_time":"2025-02-28T05:20:47+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","type":"image\/webp"}],"author":"Varshini","twitter_card":"summary_large_image","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"Locksmith : A Tool For Securing Active Directory Certificate Services","datePublished":"2025-02-27T11:22:58+00:00","dateModified":"2025-02-28T05:20:47+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/"},"wordCount":290,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","keywords":["cybersecurity","informationsecurity","kalilinux","kalilinuxtools","Locksmith"],"articleSection":["Cyber security","Pentesting Tools","Vulnerability Analysis"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/locksmith\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/","url":"https:\/\/kalilinuxtutorials.com\/locksmith\/","name":"Locksmith : A Tool For Securing Active Directory Certificate","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","datePublished":"2025-02-27T11:22:58+00:00","dateModified":"2025-02-28T05:20:47+00:00","description":"Locksmith is a specialized tool designed to identify and remediate vulnerabilities in Active Directory Certificate Services (AD CS). AD CS is","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/locksmith\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/locksmith\/#primaryimage","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","width":1600,"height":900},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Locksmith-.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":17629,"url":"https:\/\/kalilinuxtutorials.com\/pspkiaudit\/","url_meta":{"origin":36737,"position":0},"title":"PSPKIAudit : PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)","author":"R K","date":"September 11, 2021","format":false,"excerpt":"PSPKIAudit is a PowerShell toolkit for auditing Active Directory Certificate Services (AD CS). It is built on top of\u00a0PKISolution's\u00a0PSPKI\u00a0toolkit (Microsoft Public License). This repo contains a newer version of PSPKI than what's available in the PSGallery (see the\u00a0PSPKI\u00a0directory).\u00a0Vadims Podans\u00a0(the creator of PSPKI) graciously provided this version as it contains patches\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gsyqnf83ZIE\/YS9euUZEg0I\/AAAAAAAAKms\/SMNZLC56fgg-DsZrx8EjD8Q0DxiYIP49ACLcBGAsYHQ\/s809\/download%2B%25281%2529.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gsyqnf83ZIE\/YS9euUZEg0I\/AAAAAAAAKms\/SMNZLC56fgg-DsZrx8EjD8Q0DxiYIP49ACLcBGAsYHQ\/s809\/download%2B%25281%2529.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gsyqnf83ZIE\/YS9euUZEg0I\/AAAAAAAAKms\/SMNZLC56fgg-DsZrx8EjD8Q0DxiYIP49ACLcBGAsYHQ\/s809\/download%2B%25281%2529.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gsyqnf83ZIE\/YS9euUZEg0I\/AAAAAAAAKms\/SMNZLC56fgg-DsZrx8EjD8Q0DxiYIP49ACLcBGAsYHQ\/s809\/download%2B%25281%2529.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":36223,"url":"https:\/\/kalilinuxtutorials.com\/hackthebox-ad-machines\/","url_meta":{"origin":36737,"position":1},"title":"HackTheBox AD Machines : Tools And Strategies For Mastering AD Penetration Testing","author":"Varshini","date":"February 7, 2025","format":false,"excerpt":"HackTheBox (HTB) offers a range of Active Directory (AD) machines designed to help cybersecurity enthusiasts and professionals practice enumeration, exploitation, and attack techniques on AD environments. These machines vary in difficulty, providing challenges for both beginners and advanced users. Below is an overview of tools commonly used for tackling AD\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/HackTheBox-AD-Machines.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":17469,"url":"https:\/\/kalilinuxtutorials.com\/adcspwn\/","url_meta":{"origin":36737,"position":2},"title":"ADCSPwn : A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service","author":"R K","date":"August 13, 2021","format":false,"excerpt":"ADCSPwn is a tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to the certificate service. Usage Run\u00a0ADCSPwn\u00a0on your target network. Author: @batsec - MDSec ActiveBreachContributor: @Flangvik - TrustedSecadcspwn.exe --adcs --port [local port] --remote [computer]Required arguments:adcs - This is the address\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":36469,"url":"https:\/\/kalilinuxtutorials.com\/stifle\/","url_meta":{"origin":36737,"position":3},"title":"Stifle : A Post-Exploitation Tool For Explicit Certificate Mapping In Active Directory","author":"Varshini","date":"February 18, 2025","format":false,"excerpt":"Stifle is a specialized .NET utility designed for post-exploitation scenarios, enabling attackers or penetration testers to exploit explicit certificate mapping in Active Directory (AD). This tool leverages the altSecurityIdentities attribute of AD objects, allowing authentication as a target object using a pre-obtained certificate. Explicit certificate mappings are a key aspect\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Stifle-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":4019,"url":"https:\/\/kalilinuxtutorials.com\/electronegativity-misconfigurations\/","url_meta":{"origin":36737,"position":4},"title":"Electronegativity : A Tool to Identify Misconfigurations &#038; Security Anti-Patterns in Electron Applications","author":"R K","date":"March 1, 2019","format":false,"excerpt":"Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron-based applications. Software developers and security auditors can use this tool to detect and mitigate potential weaknesses and implementation bugs when developing applications using Electron. A good understanding of Electron (in)security is still required when using it, as some\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":27987,"url":"https:\/\/kalilinuxtutorials.com\/farsightad\/","url_meta":{"origin":36737,"position":5},"title":"FarsightAD : PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms","author":"R K","date":"January 10, 2023","format":false,"excerpt":"FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV \/ JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges,\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ4bLoM6UbnACZ0C1D7f6hJadru7CcQTt-SUql5TOjXggPhIDzjngHBNG0TK-qmAOJdIcq_MHq_m1aO1rTib8SnfKX_ZZKbrw3QZHBPEtKVvltV7eaKpd_U9FHAMeqOoVVxeVx_cpEmBpO9T7xI-XmN7IGGckxFPmFWpoCo9QRfIsDaEQFrpGnd18m\/s728\/FarsightAD4.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ4bLoM6UbnACZ0C1D7f6hJadru7CcQTt-SUql5TOjXggPhIDzjngHBNG0TK-qmAOJdIcq_MHq_m1aO1rTib8SnfKX_ZZKbrw3QZHBPEtKVvltV7eaKpd_U9FHAMeqOoVVxeVx_cpEmBpO9T7xI-XmN7IGGckxFPmFWpoCo9QRfIsDaEQFrpGnd18m\/s728\/FarsightAD4.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ4bLoM6UbnACZ0C1D7f6hJadru7CcQTt-SUql5TOjXggPhIDzjngHBNG0TK-qmAOJdIcq_MHq_m1aO1rTib8SnfKX_ZZKbrw3QZHBPEtKVvltV7eaKpd_U9FHAMeqOoVVxeVx_cpEmBpO9T7xI-XmN7IGGckxFPmFWpoCo9QRfIsDaEQFrpGnd18m\/s728\/FarsightAD4.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiJ4bLoM6UbnACZ0C1D7f6hJadru7CcQTt-SUql5TOjXggPhIDzjngHBNG0TK-qmAOJdIcq_MHq_m1aO1rTib8SnfKX_ZZKbrw3QZHBPEtKVvltV7eaKpd_U9FHAMeqOoVVxeVx_cpEmBpO9T7xI-XmN7IGGckxFPmFWpoCo9QRfIsDaEQFrpGnd18m\/s728\/FarsightAD4.png?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/36737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=36737"}],"version-history":[{"count":3,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/36737\/revisions"}],"predecessor-version":[{"id":36740,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/36737\/revisions\/36740"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/36742"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=36737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=36737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=36737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}