ForgeCert: Abusing Active Directory Certificate Services
ForgeCert ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory. This attack is codified as DPERSIST1 in our “Certified...
