adcs-certipy-attack
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive methodology for security researchers and penetration testers to evaluate ADCS configurations. The provided instructions are transparent and align with the stated purpose of identifying common misconfigurations like ESC1 through ESC11.
- [COMMAND_EXECUTION]: The skill documents the usage of various security tools including Certipy, Impacket, and NetExec. These commands are provided as examples for manual or automated assessment within a test environment and do not exhibit unauthorized execution or command injection vulnerabilities.
- [EXTERNAL_DOWNLOADS]: There are no automated downloads or executions of untrusted remote scripts. All referenced tools are standard utilities in the security industry, and any installation instructions (e.g., pip install) point to official package registries.
Audit Metadata