Thank you for this vulnerability breakdown and for even going through how ADCS works, very helpful. Liked and subbed

great video as usual how can i know ADCS hostname if i fully black box or i can just use DC hostname

Great video! It gives me a better understanding of AD and vulnerabilities. I have one question. What software is used in the video when you explain with diagrams? I ask because I think it is a good software that can explain things clearly.

Great breakdown ! Subbed

Please tell me, will I be able to exploit the invulnerability of CVE-2022-26923 with Certify.exe instead of certipy?

Cool

0:07 doesn't make sense? Why?

nice

will this CVE-2022-26923 is applicable for Azure AD or on-prem or both?

Hello, i have an issue when i tried to request a TGT. I have this error: Kerberos SessionError: KDC_ERR_PADATA_TYPE_NOSUPP. And Can you explain please, why you have a ssh connection into the domain controller? Thank you,

When i got NTLM hash for the machine account. Can i "pass the hash" on NTLM hash ?

Hi my friend I have 2 questions first you logged on the Lunar machine using ssh thm@ip & using password:Password1@ ???? second I keep getting this error when using Certipy failed to resolve lundc.lunar.eruca , is there something I'm missing my friend & thanks for all your efforts.