Does this skill cover common Windows vulnerabilities?

It includes exploitation and remediation guidance for critical Active Directory vulnerabilities, including ZeroLogon, PrintNightmare, and samAccountName spoofing.

Which tools are supported by this Claude Code Skill?

The skill provides guidance and pre-formatted commands for industry-standard tools such as BloodHound, Impacket, Mimikatz, Rubeus, CrackMapExec, and Responder.

What is the primary use of the Active Directory Security Testing skill?

It is designed for security researchers and penetration testers to perform authorized vulnerability assessments and red team operations within Windows domain environments.

Can this skill help identify lateral movement paths?

Yes, it specifically includes workflows for BloodHound enumeration and NTLM relay attacks to help security teams visualize and test lateral movement possibilities.

Is this skill appropriate for educational purposes?

Absolutely. It serves as a comprehensive reference for understanding the mechanics of Kerberos attacks, credential harvesting, and domain dominance in a structured, educational format.

Active Directory Security Testing

Name: Active Directory Security Testing
Author: claudiodearaujo

byclaudiodearaujo

セキュリティとテスト

Performs comprehensive security audits and penetration testing on Microsoft Active Directory environments to identify and mitigate vulnerabilities.

概要

The Active Directory Security Testing skill provides security professionals and red teams with a standardized framework for evaluating Windows domain environments. It streamlines complex offensive security workflows, including reconnaissance with BloodHound, credential harvesting via Kerberoasting, and domain dominance techniques like DCSync and Golden Ticket attacks. By consolidating industry-standard tool commands and implementation patterns, this skill assists in identifying high-risk attack paths and testing an organization's defensive posture against sophisticated lateral movement and privilege escalation threats.

主な機能

Domain-wide reconnaissance and attack path visualization using BloodHound and PowerView.
0 GitHub stars
Automated Kerberos-based attacks including Kerberoasting, AS-REP roasting, and ticket forging.
Advanced credential extraction techniques using DCSync and NTLM relay attacks.
Targeted exploitation guides for critical CVEs like ZeroLogon and PrintNightmare.
Integration for essential security tools including Impacket, Mimikatz, Rubeus, and CrackMapExec.

ユースケース

Conducting authorized internal penetration tests to identify misconfigured AD objects and service accounts.
Performing red team simulations to evaluate organizational detection and response capabilities.
Auditing Active Directory environments for legacy vulnerabilities and insecure authentication protocols.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/izacenter active-directory-attacks

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要

主な機能

Domain-wide reconnaissance and attack path visualization using BloodHound and PowerView.
0 GitHub stars
Automated Kerberos-based attacks including Kerberoasting, AS-REP roasting, and ticket forging.
Advanced credential extraction techniques using DCSync and NTLM relay attacks.
Targeted exploitation guides for critical CVEs like ZeroLogon and PrintNightmare.
Integration for essential security tools including Impacket, Mimikatz, Rubeus, and CrackMapExec.

ユースケース

Conducting authorized internal penetration tests to identify misconfigured AD objects and service accounts.
Performing red team simulations to evaluate organizational detection and response capabilities.
Auditing Active Directory environments for legacy vulnerabilities and insecure authentication protocols.