Directories
¶
| Path | Synopsis |
|---|---|
|
Package account implements Certipy's `account` subcommand - creation, modification, deletion, and read-back of Active Directory user and computer accounts over LDAP.
|
Package account implements Certipy's `account` subcommand - creation, modification, deletion, and read-back of Active Directory user and computer accounts over LDAP. |
|
Package adcs models Active Directory Certificate Services objects and provides LDAP-backed enumeration helpers.
|
Package adcs models Active Directory Certificate Services objects and provides LDAP-backed enumeration helpers. |
|
Package auth unifies credential handling for certigo subcommands.
|
Package auth unifies credential handling for certigo subcommands. |
|
krb
Package krb provides AS-REQ / TGS-REQ Kerberos flows and ccache I/O for certigo.
|
Package krb provides AS-REQ / TGS-REQ Kerberos flows and ccache I/O for certigo. |
|
ntlm
Package ntlm implements a pure-Go NTLMv2 client per MS-NLMP.
|
Package ntlm implements a pure-Go NTLMv2 client per MS-NLMP. |
|
pkinit
Package pkinit implements the client-side PKINIT (RFC 4556) pre-auth path for Kerberos AS exchanges.
|
Package pkinit implements the client-side PKINIT (RFC 4556) pre-auth path for Kerberos AS exchanges. |
|
spnego
Package spnego bridges certigo's native NTLM implementation and the gokrb5 Kerberos/SPNEGO stack behind a single Negotiator interface so that upper-layer protocol bindings (LDAP, RPC, HTTP) can drive either mechanism with the same token-exchange loop.
|
Package spnego bridges certigo's native NTLM implementation and the gokrb5 Kerberos/SPNEGO stack behind a single Negotiator interface so that upper-layer protocol bindings (LDAP, RPC, HTTP) can drive either mechanism with the same token-exchange loop. |
|
Package ca exposes LDAP-backed management operations for AD CS CAs (pKIEnrollmentService objects) plus DCOM / MS-CSRA (ICertAdminD + ICertAdminD2) client bindings for Backup, request approval / denial, and Officer-rights management.
|
Package ca exposes LDAP-backed management operations for AD CS CAs (pKIEnrollmentService objects) plus DCOM / MS-CSRA (ICertAdminD + ICertAdminD2) client bindings for Backup, request approval / denial, and Officer-rights management. |
|
Package certcmd implements the business logic for certigo's "cert" subcommand: converting between PFX and PEM, extracting just the key or just the certificate, and re-encrypting PFX output with a different password.
|
Package certcmd implements the business logic for certigo's "cert" subcommand: converting between PFX and PEM, extracting just the key or just the certificate, and re-encrypting PFX output with a different password. |
|
Package coerce provides DCOM/RPC triggers that force a target server to authenticate to an attacker-controlled URL - a standard pattern for catching NTLM tickets for relay.
|
Package coerce provides DCOM/RPC triggers that force a target server to authenticate to an attacker-controlled URL - a standard pattern for catching NTLM tickets for relay. |
|
Package esc implements detection rules for Active Directory Certificate Services (AD CS) template and CA misconfigurations commonly known as the "ESCx" escalation classes (ESC1 through ESC16) documented in SpecterOps's "Certified Pre-Owned" paper and expanded by the Certipy project.
|
Package esc implements detection rules for Active Directory Certificate Services (AD CS) template and CA misconfigurations commonly known as the "ESCx" escalation classes (ESC1 through ESC16) documented in SpecterOps's "Certified Pre-Owned" paper and expanded by the Certipy project. |
|
Package forge implements the "Golden Certificate" attack: minting arbitrary X.509 certificates signed by a compromised Certificate Authority (CA) private key.
|
Package forge implements the "Golden Certificate" attack: minting arbitrary X.509 certificates signed by a compromised Certificate Authority (CA) private key. |
|
Package ldap wraps github.com/go-ldap/ldap/v3 with a thin dial helper and a credential-driven Bind that selects between simple bind, NTLM bind (via go-ldap's built-in NTLMBind / NTLMBindWithHash), and GSSAPI/SPNEGO bind (via gokrb5's spnego.SPNEGOClient plugged into the go-ldap GSSAPIClient interface).
|
Package ldap wraps github.com/go-ldap/ldap/v3 with a thin dial helper and a credential-driven Bind that selects between simple bind, NTLM bind (via go-ldap's built-in NTLMBind / NTLMBindWithHash), and GSSAPI/SPNEGO bind (via gokrb5's spnego.SPNEGOClient plugged into the go-ldap GSSAPIClient interface). |
|
Package output renders certigo's `find` enumeration results in a set of complementary formats: a human-readable text report modelled after Certipy's default pretty-printed output, a machine-friendly JSON document, a zip bundle combining both plus per-CA certificates, and a BloodHound CE OpenGraph edge set suitable for ingestion into the BloodHound UI.
|
Package output renders certigo's `find` enumeration results in a set of complementary formats: a human-readable text report modelled after Certipy's default pretty-printed output, a machine-friendly JSON document, a zip bundle combining both plus per-CA certificates, and a BloodHound CE OpenGraph edge set suitable for ingestion into the BloodHound UI. |
|
Package parse provides offline readers for AD CS artifacts: Windows registry text dumps (.reg) and Event Tracing logs (.evtx).
|
Package parse provides offline readers for AD CS artifacts: Windows registry text dumps (.reg) and Event Tracing logs (.evtx). |
|
Package pki provides X.509 + PFX + CSR primitives used across certigo subcommands.
|
Package pki provides X.509 + PFX + CSR primitives used across certigo subcommands. |
|
Package relay implements certigo's NTLM-to-AD-CS relay.
|
Package relay implements certigo's NTLM-to-AD-CS relay. |
|
Package req submits certificate requests to AD CS.
|
Package req submits certificate requests to AD CS. |
|
Package shadow implements Certipy's "shadow" attack: manipulating the msDS-KeyCredentialLink attribute on a target user or computer account in Active Directory (Shadow Credentials, per Michael Grafnetter / @_dirkjan).
|
Package shadow implements Certipy's "shadow" attack: manipulating the msDS-KeyCredentialLink attribute on a target user or computer account in Active Directory (Shadow Credentials, per Michael Grafnetter / @_dirkjan). |
|
Package template implements certigo's `template` subcommand backend: read, write, backup, and restore of AD CS pKICertificateTemplate LDAP objects under CN=Certificate Templates,CN=Public Key Services,CN=Services, <configNC>.
|
Package template implements certigo's `template` subcommand backend: read, write, backup, and restore of AD CS pKICertificateTemplate LDAP objects under CN=Certificate Templates,CN=Public Key Services,CN=Services, <configNC>. |
|
Package version exposes the build-stamped version string for certigo.
|
Package version exposes the build-stamped version string for certigo. |
Click to show internal directories.
Click to hide internal directories.