Add: GhostPack/ForgeCert to Privilege Escalation section

2024-06-24 12:42:11 +00:00 · 2021-08-06 14:33:44 +07:00 · 2021-08-06 14:33:44 +07:00 · 237717cb0b
commit 237717cb0b
parent 10e52d60d1
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -777,6 +777,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/eladshamir/Whisker">eladshamir/Whisker</a></td>
        <td>Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/GhostPack/ForgeCert">GhostPack/ForgeCert</a></td>
+        <td>ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/GoSecure/WSuspicious">GoSecure/WSuspicious</a></td>
        <td>WSuspicious - A tool to abuse insecure WSUS connections for privilege escalationsWSuspicious - A tool to abuse insecure WSUS connections for privilege escalations</td>