Certipy
Featured🔥 Offensive Ops · Python
Certipy is a Python tool for enumerating and abusing Active Directory Certificate Services (AD CS). It can identify vulnerable certificate templates, request certificates for privilege escalation, perform ESC1-ESC8 attacks, extract CA private keys, and forge certificates. AD CS misconfigurations are among the most impactful attack paths in modern Active Directory environments, and Certipy automates the entire attack chain from enumeration to exploitation.
Installation
$ pip install certipy-adUse Cases
- AD CS misconfiguration enumeration (ESC1-ESC8)
- Certificate-based privilege escalation
- CA private key extraction
- Certificate forging for domain admin
- Shadow credential attacks
Tags
Details
- Category
- 🔥 Offensive Ops
- Language
- Python
- Repository
- ly4k/Certipy
Platforms
Alternatives & Comparisons
More in Offensive Ops
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
C/C++Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Rubeus
C#C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Coercer
PythonAutomatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
C#Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.
BeEF
RubyBrowser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.