What tools are required to use this skill effectively?

It relies on industry-standard security tools including BloodHound, Impacket, Mimikatz, Rubeus, and CrackMapExec, typically run from a Kali Linux or Windows attack platform.

Is this skill intended for malicious use?

No, this skill is strictly for authorized security assessments, defensive validation, and controlled educational purposes only.

Does it cover recent Active Directory vulnerabilities?

Yes, it includes specific workflows for critical vulnerabilities such as ZeroLogon (CVE-2020-1472), PrintNightmare (CVE-2021-1675), and samAccountName spoofing.

Does the skill manage Kerberos requirements like time sync?

Yes, it includes specific steps to detect and resolve clock skew issues, which is a common prerequisite for successful Kerberos-based attacks.

Can I use this for defensive blue team purposes?

Absolutely. Understanding these attack vectors is essential for security administrators to identify weaknesses, harden AD configurations, and verify that monitoring systems detect malicious activity.

Active Directory Security Testing

Name: Active Directory Security Testing
Author: sickn33

bysickn33

•

31,722

•

セキュリティとテスト

Provides comprehensive techniques and automated workflows for performing authorized security assessments and penetration tests against Microsoft Active Directory environments.

This skill equips security professionals with a robust framework for identifying and exploiting vulnerabilities within Active Directory infrastructures. It covers the entire attack lifecycle, from initial reconnaissance and domain enumeration to advanced Kerberos exploitation, lateral movement, and domain dominance. By integrating industry-standard tools like BloodHound, Impacket, and Mimikatz, it streamlines the execution of complex attacks such as Kerberoasting, AS-REP Roasting, and DCSync, making it an essential resource for red teamers and penetration testers performing authorized security audits or defensive validation.

主な機能

01Comprehensive AD reconnaissance and enumeration using BloodHound and PowerView

02Automated credential harvesting via Kerberoasting, AS-REP Roasting, and Password Spraying

03Advanced Kerberos exploitation including Golden Ticket, Silver Ticket, and OverPass-the-Hash

04Guided exploitation for critical domain vulnerabilities like ZeroLogon and PrintNightmare

0531,722 GitHub stars

06Privilege escalation techniques through DCSync, NTLM relay, and AD CS exploitation

ユースケース

01Conducting internal penetration tests to identify misconfigured AD objects and permissions

02Executing authorized red team operations to test organizational resilience

03Validating defensive security controls and detection capabilities within a Windows environment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills active-directory-attacks

For use in Claude.ai and ChatGPT

主な機能

01Comprehensive AD reconnaissance and enumeration using BloodHound and PowerView

02Automated credential harvesting via Kerberoasting, AS-REP Roasting, and Password Spraying

03Advanced Kerberos exploitation including Golden Ticket, Silver Ticket, and OverPass-the-Hash

04Guided exploitation for critical domain vulnerabilities like ZeroLogon and PrintNightmare

0531,722 GitHub stars

06Privilege escalation techniques through DCSync, NTLM relay, and AD CS exploitation

ユースケース

01Conducting internal penetration tests to identify misconfigured AD objects and permissions

02Executing authorized red team operations to test organizational resilience

03Validating defensive security controls and detection capabilities within a Windows environment