skills/mukul975/anthropic-cybersecurity-skills/exploiting-active-directory-certificate-services-esc1/Gen Agent Trust Hub
exploiting-active-directory-certificate-services-esc1
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/agent.py` utilizes `subprocess.check_output` to execute system utilities (certutil) and external security tools (certipy). This functionality is intended to automate the discovery of vulnerable certificate templates within an Active Directory environment. The commands are constructed using argument lists, which prevents shell injection vulnerabilities.
- [CREDENTIALS_UNSAFE]: The `scripts/agent.py` script accepts Active Directory domain credentials (username and password) as command-line arguments. While this is a standard operational requirement for the tool's intended use in security auditing, it presents a minor risk as credentials may be visible in process listings or command history if not handled carefully by the user.
- [PRIVILEGE_ESCALATION]: The skill documentation and associated workflows (found in `SKILL.md` and `references/workflows.md`) describe methods for escalating domain privileges to Domain Admin level. These instructions are presented as part of a legitimate red-teaming exercise framework and are supported by detection signatures and remediation guidance.