[Meta] Active Directory Certificate Services (AD CS) - Part 1

## Parent Epic (If Applicable)

https://github.com/elastic/ia-trade-team/issues/276

## Meta Summary

## Estimated Time to Complete

2 weeks

## Potential Blockers

- Lack of good logs for detections.
- Integration adjustments to collect AD CS logs.

## Tasklist

```[tasklist]
### Meta Tasks
- [ ] Read Blogs and watch talks to scope the work we want to do in this meta
- [ ] Build the Lab
- [ ] Inspect what Logs are available
- [ ] Integration improvements (if applicable)
- [ ] Provide Week 1 Update or Closeout Comment
- [ ] TBD
- [ ] TBD
- [ ] TBD
- [ ] TBD
- [ ] Provide Week 2 Update or Closeout Comment
```

## Resources / References

* https://youtu.be/ejmAIgxFRgM
* https://www.specterops.io/assets/resources/Certified_Pre-Owned.pdf
* https://www.thehacker.recipes/ad/movement/ad-cs
* https://docs.metasploit.com/docs/pentesting/active-directory/ad-certificates/
* https://github.com/ly4k/Certipy
* https://github.com/GhostPack/Certify
* https://github.com/GhostPack/ForgeCert
* https://www.blackarrow.net/adcs-weaponizing-esc7-attack
* https://www.exandroid.dev/2021/06/23/ad-cs-relay-attack-practical-guide
* https://www.youtube.com/watch?v=TVIej2N-sYo
* https://www.youtube.com/watch?v=74GSoi_SefA
* https://mayfly277.github.io/posts/GOADv2-pwning-part6/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Meta] Active Directory Certificate Services (AD CS) - Part 1 #3865

w0rk3r
openedon Jul 3, 2024

Parent Epic (If Applicable)

Meta Summary

Estimated Time to Complete

Potential Blockers

Tasklist

Meta Tasks

Resources / References

Assignees

Labels

Type

Projects

Milestone

Relationships

Development