Metasploit has a very nice attack flow on finding vulnerable ADCS certificates for exploitation. Currently metasploit supports attacking ESC1 to ESC4. I always feel like this alternate tooling isn't talked about near as much. docs.metasploit.com/docs/pentestin…
6
104
303
29K
87
@rootsecdev Is it easier than just using the certify executables?
@rootsecdev When did they update the docs? These actually look good. I remember the old docs were pretty bad and outdated.