Active Directory Certificate Services: Hardening Your Security

This page summarizes the projects mentioned and recommended in the original post on /r/Netwrix

CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • PSPKIAudit

    PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.

    The PSPKIAudit tool can help you audit your PKI infrastructure. To use PSPKIAudit, simply download the tool from GitHub, import the module and run the Invoke-PKIAudit command. This will enumerate the Certificate Authority from Active Directory and then query it for some of the default options.

  • CodeRabbit

    CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

    CodeRabbit logo
  • PetitPotam

    PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

    I expect an increasing number of attacks on Active Directory Certificate Services. In fact, a PetitPotam with ADCS NTLM Relaying attack has already come out since the SpecterOps paper was published, and SpecterOps is releasing ForgeCert, the Golden Ticket of Certificates, at BlackHat 2021. Therefore, it’s urgent to check for misconfigurations in your environment and remediate them promptly, and then to repeat the process on a regular basis.

  • ForgeCert

    "Golden" certificates

    I expect an increasing number of attacks on Active Directory Certificate Services. In fact, a PetitPotam with ADCS NTLM Relaying attack has already come out since the SpecterOps paper was published, and SpecterOps is releasing ForgeCert, the Golden Ticket of Certificates, at BlackHat 2021. Therefore, it’s urgent to check for misconfigurations in your environment and remediate them promptly, and then to repeat the process on a regular basis.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Open-source wheeled biped robot

    3 projects | news.ycombinator.com | 31 Oct 2024
  • Ask HN: Has Anyone Tried Single File Development with IDE Code Collapse?

    2 projects | news.ycombinator.com | 1 Nov 2024
  • Building a Simple TCP Server in C

    1 project | dev.to | 1 Nov 2024
  • Show HN: Termfu – A terminal debugger with custom layouts

    1 project | news.ycombinator.com | 1 Nov 2024
  • Show HN: PyAwaitable – Asynchronous code from Python's C API

    1 project | news.ycombinator.com | 1 Nov 2024