active-directory-attacks
Audited by Socket on Apr 21, 2026
2 alerts found:
Security / Malware: SUSPICIOUS/HIGH-RISK skill. Its capabilities align with its stated offensive purpose, but that purpose is to enable AI-driven Active Directory compromise, credential theft, lateral movement, persistence, and exploit execution. This is not confirmed malware because there is no hidden exfiltration endpoint or deceptive install chain shown, but it is a high-risk offensive security skill that should not be broadly enabled for general-purpose agents.
This document is an offensive reference detailing actionable AD attack techniques (delegation abuse, GPO abuse, payload deployment via SCCM/WSUS, ADCS abuses, ticket forging, credential harvesting, etc.). It is highly actionable and intended to enable enterprise compromise and persistence. The content should be treated as malicious or dual-use offensive material: if found in a repository or dependency, it represents a high supply-chain and security risk and warrants immediate removal or strict review and containment. Use of the commands and tools described will likely result in credential theft, privilege escalation, and remote code execution in AD environments.