Discover vulnerable AD CS certificates

Use the Certify tool to enumerate misconfigurations in Active Directory Certificate Services (AD CS).
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
Vulnerable Certificates


Ingress, load, and run Certify to find vulnerable certificates.