performing-active-directory-penetration-test
Audited by Socket on Mar 15, 2026
3 alerts found:
Security Anomaly / Obfuscated File / SUSPICIOUS: the skill is internally consistent as an Active Directory pentest playbook, but it gives an AI agent explicit offensive-security capabilities: credential extraction, privilege escalation, domain compromise, and persistence. There is little supply-chain concern in the text itself, yet the operational risk is very high because the skill enables exploitation against real targets.
This script is an offensive AD pentest automation tool that shells out to known offensive utilities (impacket, bloodhound-python, certipy, netexec). The code itself does not implement hidden backdoors or network exfiltration, but it handles credentials insecurely (passing them on the command line) and will perform sensitive and potentially destructive AD enumeration and hash collection when run with valid credentials. It is dual-use: legitimate for authorized security testing, but dangerous if used by unauthorized actors. Recommend auditing usage, avoiding passing plaintext credentials on the command line (use the more secure input methods supported by the tools), and restricting execution to authorized personnel and environments.
This file is a concise Active Directory offensive testing playbook outlining reconnaissance (enumeration), Kerberos and ADCS attacks, credential harvesting, domain escalation, and impact demonstration. The fragment is non-executable documentation and contains no hardcoded credentials or obfuscated code, but it provides explicit, actionable guidance for compromising AD environments. As a high-sensitivity dual-use document, it should be handled with caution: benign in an authorized pentest context, dangerous if used by unauthorized actors. Further investigation of associated tooling or repository context is recommended.