Active Directory Attacks

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill is centered on the unauthorized harvesting of sensitive domain credentials.
  • Evidence: Provides commands for secretsdump.py to extract NTLM hashes from Domain Controllers and mimikatz for DCSync attacks to retrieve the krbtgt hash.
  • Evidence: Includes techniques for Kerberoasting and AS-REP Roasting to obtain crackable ticket hashes.
  • [COMMAND_EXECUTION] (HIGH): The skill facilitates lateral movement and unauthorized command execution on remote systems.
  • Evidence: Provides instructions for using psexec.py, wmiexec.py, and smbexec.py to execute commands with administrative privileges on remote targets using hashes or credentials.
  • [REMOTE_CODE_EXECUTION] (HIGH): The skill contains workflows for exploiting critical, wormable vulnerabilities to gain system-level access.
  • Evidence: Instructions for CVE-2020-1472 (ZeroLogon) involve resetting machine account passwords to gain domain dominance.
  • Evidence: Instructions for CVE-2021-1675 (PrintNightmare) involve the execution of a malicious remote DLL hosted on an attacker-controlled share.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 12:50 PM