ACE

RESPONDER

Attack Animator

Blog

Learn

Challenges

Sign in

Active Directory Certificate Services (AD CS) provides a convenient way for organizations to manage digital certificates. It plays a fundamental role in securing communications, authenticating users and devices and a variety of integrity, authenticity, and encryption use cases. The strength of AD CS is its integration with Active Directory. This simplifies and streamlines many costly and complex tasks. However, it also introduces potential misconfigurations that attackers can abuse to escalate privileges and establish persistence. In this module we dive into enterprise Public Key Authentication (PKI) with AD CS. We discuss the ways organizations use certificates and how attackers abuse these features. In this module we focus on privilege escalation methods as an introduction to this topic. The events in your SIEM can be found in the following timespan: 7 May 2024 - 9 May 2024

AD CS Abuse

Share on Twitter
Share on LinkedIn

Active Directory Certificate Services (AD CS) provides a convenient way for organizations to manage digital certificates. It plays a fundamental role in securing communications, authenticating users and devices and a variety of integrity, authenticity, and encryption use cases. The strength of AD CS is its integration with Active Directory. This simplifies and streamlines many costly and complex tasks. However, it also introduces potential misconfigurations that attackers can abuse to escalate privileges and establish persistence.

In this module we dive into enterprise Public Key Authentication (PKI) with AD CS. We discuss the ways organizations use certificates and how attackers abuse these features. In this module we focus on privilege escalation methods as an introduction to this topic.

The events in your SIEM can be found in the following timespan: 7 May 2024 - 9 May 2024

Analyst

$17.49

/mo

14 Days Free

Explore realistic pre-recorded attacks

Master full-featured defensive platforms

Browser-based challenges and modules

Extended attack videos

Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.

Defender

$44.49

/mo

Instant fully interactive labs

Hands-on prevention and detection

Master offensive techniques

Security engineering exercises

Highly realistic and dynamic scenarios

Access to all Analyst-level content

Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.