Rubeus
Certify
Our great sponsors
Rubeus | Certify | |
---|---|---|
4 | 5 | |
3,817 | 1,366 | |
2.8% | 2.9% | |
6.1 | 0.0 | |
28 days ago | 4 months ago | |
C# | C# | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Rubeus
-
How to Detect Pass-the-Ticket Attacks
Mimikatz can be used to perform pass-the-ticket, but in this post, we wanted to show how to execute the attack using another tool, Rubeus , lets you perform Kerberos based attacks. Rubeus is a C# toolset written by harmj0y and is based on the Kekeo project by Benjamin Delpy, the author of Mimikatz .
- Help with Protected Users mistake
-
Account Persistence - Certificates
Tools: Certify , Rubeus & Kekeo
Certify
-
Pentester PSA: Check your Active Directory Certificate Services (AD CS) For Vulnerabilities
I definitely recommend running Certipy or Certify (compiled binary) to see if you can identify any vulnerabilities in your environment. As far as I know, this stuff won't come up on a Nessus scan. I know when I was a sysadmin I set this up insecurely (has now been fixed). However, AD CS is easy to set up ADCS knowing some of the security implications of the configurations.
-
Account Persistence - Certificates
Tools: Certify , Rubeus & Kekeo
- Wir schreiben für das c't-Magazin über Hacking und IT-Sicherheit - fragt uns alles! (Beginn 17 Uhr)
- GitHub - GhostPack/Certify: Active Directory certificate abuse.
What are some alternatives?
kekeo - A little toolbox to play with Microsoft Kerberos in C
mimikatz - A little tool to play with Windows security
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
impacket - Impacket is a collection of Python classes for working with network protocols.
Certipy - Tool for Active Directory Certificate Services enumeration and abuse
SharpCollection - Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
CVE-2022-26923_AD-Certificate-Services - The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
BruteShark - Network Analysis Tool
Powershell - Powershell scripts