Certified Pre-Owned: Abusing Active Directory Certificate Services
By SpecterOps
Active Directory Certificate Services (AD CS) has significant security implications that are often overlooked. This eBook examines how AD CS can be exploited for credential theft, machine persistence, domain escalation, and persistent access.
Key findings include:
· Stealing certificates that survive password resets
· Abusing misconfigured templates for escalation
· Using a CA's private key to forge certificates
· Exploiting NTLM relay attacks against AD CS endpoints
Guidance for defenders includes:
· Treating CA servers as Tier 0 assets
· Hardening certificate templates and settings
· Monitoring suspicious enrollments and events
Understand the security implications of this system.
