We may earn an affiliate commission when you visit our partners.
Kat DeLorean Seymour

Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.

Read more

Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be used to find and compromise vulnerable configurations of Active Directory Certificate Services, allowing you to establish persistence and elevate your domain privileges.

During a Red Team engagement, after you have established a foothold and persistence on a system, you will want to elevate your privileges to further compromise the environment. Certify is a C# tool written by Will Schroeder and Lee Christiansen that can be utilized to find and compromise vulnerable configurations of Active Directory Certificate Services. In this course, Privilege Escalation with Certify, we will use Certify to elevate our domain privileges by a few different methods available with the tool including abusing misconfigured Certificate Templates, vulnerable certificate and PKI Access Control Lists and using NTLM Relay to add AD Certificate Services Endpoints. We will even see how we can use AD CS to extract valid NTLM hashes for users and establish long term persistence all without having to touch LSASS.

Enroll now

What's inside

Syllabus

Course Overview
Privilege Escalation with Certify
Resources

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Teaches skills, knowledge, and/or tools that are highly relevant to industry
Develops professional skills or deep expertise in a particular topic or set of topics
Taught by Kat DeLorean Seymour, who are recognized for their work in x
Taught by Lee Christiansen, who are recognized for their work in x
Teaches skills, knowledge, and/or tools that are useful for personal growth and development

Save this course

Save Privilege Escalation with Certify to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Privilege Escalation with Certify with these activities:
Implement a scenario to uncover and compromise misconfigured Certificate Templates
Practice elevating domain privileges using misconfigured Certificate Templates to solidify your understanding.
Browse courses on Certificate Templates
Show steps
  • Establish a testing environment with a vulnerable Certificate Template.
  • Use Certify to identify and exploit the misconfiguration.
  • Elevate your domain privileges.
Follow a tutorial on exploiting vulnerable certificate and PKI Access Control Lists
Reinforce your knowledge on identifying and exploiting these vulnerabilities through guided instruction.
Browse courses on Privilege Escalation
Show steps
  • Find a tutorial that covers exploiting vulnerable certificates and PKI ACLs.
  • Follow the steps outlined in the tutorial.
  • Test your understanding by attempting the exercises in the tutorial.
Practice using NTLM Relay to add AD Certificate Services Endpoints
Enhance your skills in exploiting NTLM Relay to gain control over AD Certificate Services Endpoints.
Show steps
  • Set up a lab environment with vulnerable machines.
  • Configure Certify to use NTLM Relay.
  • Execute the attack and add a new AD Certificate Services Endpoint.
Three other activities
Expand to see all activities and additional details
Show all six activities
Write a blog post總結the methods of privilege escalation with Certify
Solidify your understanding and share your knowledge by writing a comprehensive blog post on the techniques covered in the course.
Browse courses on Privilege Escalation
Show steps
  • Review your notes and identify the key concepts.
  • Research additional materials to supplement your knowledge.
  • Write a draft of your blog post.
  • Edit and proofread your post.
  • Publish your blog post and share it with others.
Attend an industry conference or meetup focused on cybersecurity
Networking and attending industry events can provide valuable insights to complement your learning.
Browse courses on Cybersecurity
Show steps
  • Identify industry conferences or meetups relevant to the course topic.
  • Register and attend the event.
  • Engage with speakers, attendees, and exhibitors.
Develop a proof-of-concept tool to automate privilege escalation using Certify
Challenge yourself by creating a tool that automates the techniques you learned, demonstrating your mastery of the subject.
Browse courses on Privilege Escalation
Show steps
  • Design the architecture of your tool.
  • Develop the code for your tool.
  • Test your tool in a lab environment.
  • Document your tool and make it available to others.

Career center

Learners who complete Privilege Escalation with Certify will develop knowledge and skills that may be useful to these careers:
Security Engineer
Security Engineers design, implement, and maintain security measures to protect an organization's computer systems and networks. The techniques you learn in this course can be directly applied to a career as a Security Engineer. This course will help you develop the skills you need to protect Active Directory Certificate Services from attack.
Penetration Tester
Penetration Testers are responsible for identifying and exploiting security vulnerabilities in computer systems and networks. The techniques you learn in this course can be directly applied to a career as a Penetration Tester. This course will help you develop the skills you need to find and exploit vulnerabilities in Active Directory Certificate Services.
Information Security Analyst
An Information Security Analyst plans and implements security measures to protect an organization's computer systems and networks. As an Information Security Analyst, you can use the exploitation techniques you learn in this course to take on the role of a security tester. This course can help build a foundation for your offensive security career.
Systems Administrator
Systems Administrators are responsible for managing and maintaining computer systems and networks. This course may be useful for your career as a Systems Administrator as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect the systems you manage from similar attacks.
IT Auditor
IT Auditors are responsible for assessing an organization's IT systems and controls. This course may be useful for your career as an IT Auditor as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Network Administrator
Network Administrators are responsible for managing and maintaining computer networks. This course may be useful for your career as a Network Administrator as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect the networks you manage from similar attacks.
Incident Responder
Incident Responders are responsible for responding to and investigating security incidents. This course may be useful for your career as an Incident Responder as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Cloud Security Engineer
Cloud Security Engineers are responsible for securing cloud computing environments. This course may be useful for your career as a Cloud Security Engineer as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better protect cloud environments from similar attacks.
Malware Analyst
Malware Analysts are responsible for analyzing and identifying malware. This course may be useful for your career as a Malware Analyst as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to identify and mitigate security risks.
Security Architect
Security Architects design and implement security solutions for organizations. This course may be useful for your career as a Security Architect as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for overseeing an organization's information security program. This course may be useful for your career as a CISO as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Information Security Manager
Information Security Managers are responsible for developing and implementing security policies and procedures. This course may be useful for your career as an Information Security Manager as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Cybersecurity Analyst
Cybersecurity Analysts are responsible for identifying, analyzing, and responding to cybersecurity threats. This course may be useful for your career as a Cybersecurity Analyst as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Security Consultant
Security Consultants help organizations improve their security posture by identifying vulnerabilities and recommending solutions. This course may be useful for your career as a Security Consultant as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.
Ethical Hacker
Ethical Hackers, also known as White Hat Hackers, are security professionals who use their skills to help organizations identify and fix security vulnerabilities. This course may be useful for your career as an Ethical Hacker as it teaches how to find and exploit vulnerabilities in Active Directory Certificate Services. This can help you better understand how to protect organizations from similar attacks.

Reading list

We've selected eight books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Privilege Escalation with Certify.
Provides a deep dive into the inner workings of Windows, including Active Directory and Certificate Services. It is invaluable for understanding the vulnerabilities that Certify exploits.
Provides a practical guide to penetration testing, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to network security assessment, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to computer security incident handling, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to the CEH certification, including chapters on privilege escalation and persistence. It would be a helpful resource for those interested in learning more about these topics.
Provides a comprehensive guide to using Metasploit for penetration testing. It includes information on modules that can be used with Certify.
Provides a comprehensive guide to security engineering. It includes information on topics such as privilege escalation and access control.

Share

Help others find this course page by sharing it with your friends and followers:
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser