We may earn an affiliate commission when you visit our partners.
Kat DeLorean Seymour
Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.
Read more
Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.
Read more
Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.
During a Red Team engagement, after you have established a foothold and persistence on a system, you will want to elevate your privileges to further compromise the environment. Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be utilized to find and compromise vulnerable configurations of Active Directory Certificate Services. In this course, Privilege Escalation with Certify, we will use Certify to elevate our domain privileges by a few different methods available with the tool including abusing misconfigured Certificate Templates, vulnerable certificate and PKI Access Control Lists and using NTLM Relay to add AD Certificate Services Endpoints. We will even see how we can use AD CS to extract valid NTLM hashes for users and establish long term persistence all without having to touch LSASS.
Register for this course and see more details by visiting:
OpenCourser.com/course/z1ua66/privilege
Here's a deal for you
We found an offer that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
What's inside
Syllabus
Course Overview
Privilege Escalation with Certify
Resources
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Teaches skills, knowledge, and/or tools that are highly relevant to industry
Develops professional skills or deep expertise in a particular topic or set of topics
Taught by Kat DeLorean Seymour, who are recognized for their work in x
Taught by Lee Christiansen, who are recognized for their work in x
Teaches skills, knowledge, and/or tools that are useful for personal growth and development
Save this course
Save Privilege Escalation with Certify to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Privilege Escalation with Certify with these
activities:
Implement a scenario to uncover and compromise misconfigured Certificate Templates
Show steps
Practice elevating domain privileges using misconfigured Certificate Templates to solidify your understanding.
Browse courses on
Certificate Templates
Show steps
-
Establish a testing environment with a vulnerable Certificate Template.
-
Use Certify to identify and exploit the misconfiguration.
-
Elevate your domain privileges.
Follow a tutorial on exploiting vulnerable certificate and PKI Access Control Lists
Show steps
Reinforce your knowledge on identifying and exploiting these vulnerabilities through guided instruction.
Browse courses on
Privilege Escalation
Show steps
-
Find a tutorial that covers exploiting vulnerable certificates and PKI ACLs.
-
Follow the steps outlined in the tutorial.
-
Test your understanding by attempting the exercises in the tutorial.
Practice using NTLM Relay to add AD Certificate Services Endpoints
Show steps
Enhance your skills in exploiting NTLM Relay to gain control over AD Certificate Services Endpoints.
Show steps
-
Set up a lab environment with vulnerable machines.
-
Configure Certify to use NTLM Relay.
-
Execute the attack and add a new AD Certificate Services Endpoint.
Three other activities
Expand to see all activities and additional details
Show all six activities
Write a blog post總結the methods of privilege escalation with Certify
Show steps
Solidify your understanding and share your knowledge by writing a comprehensive blog post on the techniques covered in the course.
Browse courses on
Privilege Escalation
Show steps
-
Review your notes and identify the key concepts.
-
Research additional materials to supplement your knowledge.
-
Write a draft of your blog post.
-
Edit and proofread your post.
-
Publish your blog post and share it with others.
Attend an industry conference or meetup focused on cybersecurity
Show steps
Networking and attending industry events can provide valuable insights to complement your learning.
Browse courses on
Cybersecurity
Show steps
-
Identify industry conferences or meetups relevant to the course topic.
-
Register and attend the event.
-
Engage with speakers, attendees, and exhibitors.
Develop a proof-of-concept tool to automate privilege escalation using Certify
Show steps
Challenge yourself by creating a tool that automates the techniques you learned, demonstrating your mastery of the subject.
Browse courses on
Privilege Escalation
Show steps
-
Design the architecture of your tool.
-
Develop the code for your tool.
-
Test your tool in a lab environment.
-
Document your tool and make it available to others.
Implement a scenario to uncover and compromise misconfigured Certificate Templates
Show steps
Practice elevating domain privileges using misconfigured Certificate Templates to solidify your understanding.
Browse courses on
Certificate Templates
Show steps
Show steps
Show steps
- Establish a testing environment with a vulnerable Certificate Template.
- Use Certify to identify and exploit the misconfiguration.
- Elevate your domain privileges.
Follow a tutorial on exploiting vulnerable certificate and PKI Access Control Lists
Show steps
Reinforce your knowledge on identifying and exploiting these vulnerabilities through guided instruction.
Browse courses on
Privilege Escalation
Show steps
Show steps
Show steps
- Find a tutorial that covers exploiting vulnerable certificates and PKI ACLs.
- Follow the steps outlined in the tutorial.
- Test your understanding by attempting the exercises in the tutorial.
Practice using NTLM Relay to add AD Certificate Services Endpoints
Show steps
Enhance your skills in exploiting NTLM Relay to gain control over AD Certificate Services Endpoints.
Show steps
Show steps
Show steps
- Set up a lab environment with vulnerable machines.
- Configure Certify to use NTLM Relay.
- Execute the attack and add a new AD Certificate Services Endpoint.
Three other activities
Expand to see all activities and additional details
Show all six activities
Write a blog post總結the methods of privilege escalation with Certify
Show steps
Solidify your understanding and share your knowledge by writing a comprehensive blog post on the techniques covered in the course.
Browse courses on
Privilege Escalation
Show steps
Show steps
Show steps
- Review your notes and identify the key concepts.
- Research additional materials to supplement your knowledge.
- Write a draft of your blog post.
- Edit and proofread your post.
- Publish your blog post and share it with others.
Attend an industry conference or meetup focused on cybersecurity
Show steps
Networking and attending industry events can provide valuable insights to complement your learning.
Browse courses on
Cybersecurity
Show steps
Show steps
Show steps
- Identify industry conferences or meetups relevant to the course topic.
- Register and attend the event.
- Engage with speakers, attendees, and exhibitors.
Develop a proof-of-concept tool to automate privilege escalation using Certify
Show steps
Challenge yourself by creating a tool that automates the techniques you learned, demonstrating your mastery of the subject.
Browse courses on
Privilege Escalation
Show steps
Show steps
Show steps
- Design the architecture of your tool.
- Develop the code for your tool.
- Test your tool in a lab environment.
- Document your tool and make it available to others.
Career center
Learners who complete Privilege Escalation with Certify will develop knowledge and skills
that may be useful to these careers:
Security Engineer
Security Engineer
Security Engineers design, implement, and maintain security measures to protect an organization's computer systems and networks. The techniques you learn in this course can be directly applied to a career as a Security Engineer. This course will help you develop the skills you need to protect Active Directory Certificate Services from attack.
Penetration Tester
Penetration Tester
Penetration Testers are responsible for identifying and exploiting security vulnerabilities in computer systems and networks. The techniques you learn in this course can be directly applied to a career as a Penetration Tester. This course will help you develop the skills you need to find and exploit vulnerabilities in Active Directory Certificate Services.
Information Security Analyst
Information Security Analyst
An Information Security Analyst plans and implements security measures to protect an organization's computer systems and networks. As an Information Security Analyst, you can use the exploitation techniques you learn in this course to take on the role of a security tester. This course can help build a foundation for your offensive security career.
Systems Administrator
Systems Administrator
Systems Administrators are responsible for managing and maintaining computer systems and networks. This course may be useful for your career as a Systems Administrator as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect the systems you manage from similar attacks.
IT Auditor
IT Auditor
IT Auditors are responsible for assessing an organization's IT systems and controls. This course may be useful for your career as an IT Auditor as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Network Administrator
Network Administrator
Network Administrators are responsible for managing and maintaining computer networks. This course may be useful for your career as a Network Administrator as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect the networks you manage from similar attacks.
Incident Responder
Incident Responder
Incident Responders are responsible for responding to and investigating security incidents. This course may be useful for your career as an Incident Responder as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Cloud Security Engineer
Cloud Security Engineer
Cloud Security Engineers are responsible for securing cloud computing environments. This course may be useful for your career as a Cloud Security Engineer as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect cloud environments from similar attacks.
Malware Analyst
Malware Analyst
Malware Analysts are responsible for analyzing and identifying malware. This course may be useful for your career as a Malware Analyst as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Security Architect
Security Architect
Security Architects design and implement security solutions for organizations. This course may be useful for your career as a Security Architect as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for overseeing an organization's information security program. This course may be useful for your career as a CISO as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for developing and implementing security policies and procedures. This course may be useful for your career as an Information Security Manager as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Cybersecurity Analyst
Cybersecurity Analyst
Cybersecurity Analysts are responsible for identifying, analyzing, and responding to cybersecurity threats. This course may be useful for your career as a Cybersecurity Analyst as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Security Consultant
Security Consultant
Security Consultants help organizations improve their security posture by identifying vulnerabilities and recommending solutions. This course may be useful for your career as a Security Consultant as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Ethical Hacker
Ethical Hacker
Ethical Hackers, also known as White Hat Hackers, are security professionals who use their skills to help organizations identify and fix security vulnerabilities. This course may be useful for your career as an Ethical Hacker as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
For more career information including salaries, visit:
OpenCourser.com/course/z1ua66/privilege
Reading list
We've selected eight books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Privilege Escalation with Certify.
Provides a deep dive into the inner workings of Windows, including Active Directory and Certificate Services. It is invaluable for understanding the vulnerabilities that Certify exploits.
Save
Provides a practical guide to penetration testing, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to network security assessment, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to computer security incident handling, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to the CEH certification, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Save
Provides a comprehensive overview of cryptography, including topics such as public key cryptography and digital certificates. It valuable resource for understanding the cryptographic concepts that underpin Certify.
Provides a comprehensive guide to using Metasploit for penetration testing. It includes information on modules that can be used with Certify.
Provides a comprehensive guide to security engineering. It includes information on topics such as privilege escalation and access control.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/z1ua66/privilege
Share
Similar courses
Here are nine courses similar to
Privilege Escalation with Certify.
Post Exploitation with Meterpreter
OpenCourser.com/course/njw1lh/post
Post Exploitation with Meterpreter
Most relevant
Overview of AWS
OpenCourser.com/course/1cv4s3/overview
Overview of AWS
Post Exploitation with PowerShell
OpenCourser.com/course/583mb7/post
Post Exploitation with PowerShell
Privilege Escalation with UACMe
OpenCourser.com/course/65ntg9/privilege
Privilege Escalation with UACMe
Cloud Infrastructure Analysis with Scout Suite
OpenCourser.com/course/63z8cb/cloud
Cloud Infrastructure Analysis with Scout Suite
Exploiting and Securing Vulnerabilities in Java Applications
OpenCourser.com/course/4u4apr/exploiting
Exploiting and Securing Vulnerabilities in Java...
Metasploit: Getting Started
OpenCourser.com/course/vdfcts/metasploit
Metasploit: Getting Started
Lateral Movement with Infection Monkey
OpenCourser.com/course/bd5a3w/lateral
Lateral Movement with Infection Monkey
Privilege Escalation with Rubeus
OpenCourser.com/course/48nhsn/privilege
Privilege Escalation with Rubeus
Time
18 hours
Level
Intermediate
Via
Pluralsight
Instructor
Kat DeLorean Seymour
Language
English
Good to know
Teaches skills, knowledge, and/or tools that are highly relevant to industry
Develops professional skills or deep expertise in a particular topic or set of topics
Taught by Kat DeLorean Seymour, who are recognized for their work in x
Taught by Lee Christiansen, who are recognized for their work in x
Teaches skills, knowledge, and/or tools that are useful for personal growth and development
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser