-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
CVE-2022-26923_AD-Certificate-Services
The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
-
Locksmith
A small tool built to find and fix common misconfigurations in Active Directory Certificate Services. (by TrimarcJake)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
I definitely recommend running Certipy or Certify (compiled binary) to see if you can identify any vulnerabilities in your environment. As far as I know, this stuff won't come up on a Nessus scan. I know when I was a sysadmin I set this up insecurely (has now been fixed). However, AD CS is easy to set up ADCS knowing some of the security implications of the configurations.
I definitely recommend running Certipy or Certify (compiled binary) to see if you can identify any vulnerabilities in your environment. As far as I know, this stuff won't come up on a Nessus scan. I know when I was a sysadmin I set this up insecurely (has now been fixed). However, AD CS is easy to set up ADCS knowing some of the security implications of the configurations.
I definitely recommend running Certipy or Certify (compiled binary) to see if you can identify any vulnerabilities in your environment. As far as I know, this stuff won't come up on a Nessus scan. I know when I was a sysadmin I set this up insecurely (has now been fixed). However, AD CS is easy to set up ADCS knowing some of the security implications of the configurations.
I'm guessing there are multiple CVEs as it's a whole class of vulnerabilities. Here is one though... CVE-2022-26923.