ZephrFish

ZephrFish / LOLADCS

Public

PowerShell implementation for AD CS

83
8
100% credibility
Found Feb 20, 2026 at 64 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
PowerShell
AI Summary

A set of native Windows scripts for enumerating and testing vulnerabilities in Active Directory Certificate Services setups.

How It Works

1
🔍 Discover the Toolkit

You come across this collection of helpful scripts designed to check for security weak spots in Windows network certificate setups.

2
📥 Download the Scripts

You save the simple folder of checking tools onto your Windows test computer.

3
💻 Prepare Your Setup

You ensure your lab machine is ready, either connected to a test network or with a saved data snapshot.

4
Pick Your Checking Style
🌐
Live Check

Probe the active network directly to spot issues in real time.

📸
Snapshot Review

Examine an offline copy of your network data without any connections.

5
📋 Spot the Weaknesses

You get a straightforward list of discovered problems, complete with ready-to-use testing steps.

6
🧪 Test in Safety

In your controlled lab environment, you safely try the suggested actions to see how risks play out.

7
🔧 Apply Fixes

You follow the insights to patch vulnerabilities and tighten certificate security.

Security Boosted

Your network certificates are now thoroughly checked and strengthened against potential threats.

Sign up to see the full architecture

6 more

Sign Up Free

Star Growth

See how this repo grew from 64 to 83 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is LOLADCS?

LOLADCS is a PowerShell toolkit for enumerating and exploiting Active Directory Certificate Services misconfigurations, covering all 13 ESC vulnerabilities with native Windows tools like certreq.exe and certutil.exe. It lets you scan live domains, run offline audits on AD snapshots, request malicious certificates, and perform post-exploitation like certificate-based LDAP auth or shadow credentials attacks—all from a domain user context. Download this GitHub PowerShell repository for a no-fuss powershell github download that handles AD CS ops without third-party dependencies beyond RSAT.

Why is it gaining traction?

It stands out with offline snapshot auditing via ADExplorer files, interactive LDAP shells for post-exploit, and OPSEC tweaks like delays and jitter to dodge detection—features rare in other AD CS tools. The one-stop enum-to-exploit flow spits out ready-to-run commands, plus standalone shadow creds without needing certs first. Developers grab it for the pure PowerShell github module vibe, integrable with powershell github actions or cli workflows.

Who should use this?

Red teamers during AD engagements needing quick ESC1-13 checks and cert pass-the-hash pivots. Blue team defenders auditing CA templates and PKI ACLs offline. Pentesters emulating attacks in labs, especially with its domain recon and remote audit modes for low-priv users.

Verdict

Grab it if AD CS is your focus—solid docs and user-facing CLI make the 44 stars and 1.0% credibility score forgivable for an early powershell github releases project. Test in labs first; it's niche but battle-tested for emulation. (198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.