Abusing Active Directory Certificate Services (ADCS) using LOLBAS

Thanks for watching! You can access the full ADCS lab setup and download files using the link below: https://buymeacoffee.com/offensiveopslabs/e/516220 It includes the lab instructions and required resources. Let us know if you need help setting it up. In this video, we explore how attackers can exploit Living Off the Land Binaries and Scripts (LOLBAS), specifically using the certutil and certreq tool, to perform ESC1 attacks. This technique is crucial in internal penetration testing and red team assessments, allowing attackers with limited privileges to escalate access using native Windows tools. blog:https://www.rbtsec.com/blog/practical-guide-to-adcs-attacks-using-lolbas/ Watch Next: Active Directory Certificate Attack Playlist: https://youtube.com/playlist?list=PLUMEY7cBcvDP19HB3qoBO6uTp-wxDFbFX&si=y_7JrMMDz2Z13fQY Follow Us: LinkedIn: https://www.linkedin.com/company/rbtsecurity/ Twitter: https://twitter.com/RBTSecurity Facebook: https://www.facebook.com/RBTSecur1ty/ Contact Us: For business inquiries and collaborations, please email us at [email protected] Educational Disclaimer: All content is intended for educational purposes only, to promote ethical hacking and security research. #ESC1 #ADCS #LOLBAS #REDTEAM #adcsattack #Pentesting #ActiveDirectory #CyberSecurity #EthicalHacking #RedTeam #SecurityResearch #EscalationTechniques #ADSecurity #ASSUMEDBREACHMODEL