Certipy vs Rubeus
GitHub Stats
About Certipy
Certipy is a Python tool for enumerating and abusing Active Directory Certificate Services (AD CS). It can identify vulnerable certificate templates, request certificates for privilege escalation, perform ESC1-ESC8 attacks, extract CA private keys, and forge certificates. AD CS misconfigurations are among the most impactful attack paths in modern Active Directory environments, and Certipy automates the entire attack chain from enumeration to exploitation.
About Rubeus
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It's the go-to tool for Kerberos-based attacks in Active Directory environments. Rubeus supports AS-REP roasting, Kerberoasting, unconstrained/constrained/resource-based constrained delegation abuse, S4U ticket requests, ticket extraction and renewal, and golden/silver ticket creation. It can be loaded reflectively in memory, making it a staple of modern AD attack chains.
Platform Support
Tags
Shared
Certipy only
Rubeus only