Certify
Rubeus
Certify | Rubeus | |
---|---|---|
5 | 4 | |
1,385 | 3,842 | |
2.7% | 1.9% | |
0.0 | 5.7 | |
5 months ago | 6 days ago | |
C# | C# | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Certify
-
Pentester PSA: Check your Active Directory Certificate Services (AD CS) For Vulnerabilities
I definitely recommend running Certipy or Certify (compiled binary) to see if you can identify any vulnerabilities in your environment. As far as I know, this stuff won't come up on a Nessus scan. I know when I was a sysadmin I set this up insecurely (has now been fixed). However, AD CS is easy to set up ADCS knowing some of the security implications of the configurations.
-
Account Persistence - Certificates
Tools: Certify , Rubeus & Kekeo
- Wir schreiben für das c't-Magazin über Hacking und IT-Sicherheit - fragt uns alles! (Beginn 17 Uhr)
- GitHub - GhostPack/Certify: Active Directory certificate abuse.
Rubeus
-
How to Detect Pass-the-Ticket Attacks
Mimikatz can be used to perform pass-the-ticket, but in this post, we wanted to show how to execute the attack using another tool, Rubeus , lets you perform Kerberos based attacks. Rubeus is a C# toolset written by harmj0y and is based on the Kekeo project by Benjamin Delpy, the author of Mimikatz .
- Help with Protected Users mistake
-
Account Persistence - Certificates
Tools: Certify , Rubeus & Kekeo
What are some alternatives?
kekeo - A little toolbox to play with Microsoft Kerberos in C
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
mimikatz - A little tool to play with Windows security
Certipy - Tool for Active Directory Certificate Services enumeration and abuse
impacket - Impacket is a collection of Python classes for working with network protocols.
CVE-2022-26923_AD-Certificate-Services - The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
SharpCollection - Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
BruteShark - Network Analysis Tool
Powershell - Powershell scripts