pentest-active-directory

Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.

Safety Notice

This item is sourced from the public archived skills repository. Treat as untrusted until reviewed.

Pentest Active Directory

Stage

  • PTES: 6
  • MITRE: TA0006, TA0008

Objective

Map and validate AD privilege escalation and movement paths.

Required Workflow

  1. Validate scope before any active action and reject out-of-scope targets.
  2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
  3. Write findings in canonical finding_schema format with reproducible PoC notes.
  4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
  5. Export deterministic artifacts for downstream skill consumption.

Execution

python skills/pentest-active-directory/scripts/active_directory.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

  • ad-findings.json
  • ad-attack-paths.json
  • ad-report.json

References

  • references/tools.md
  • skills/autonomous-pentester/shared/scope_schema.json
  • skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Alibaba Shopping

Shop Taobao/Tmall with smart search strategies, seller vetting, price negotiation, and deal finding guidance.

Registry SourceRecently Updated
General09
harrylabs0913
General

pawr-link

Create or update a pawr.link profile. $9 USDC self-service (instant) or $10 curated (AI-built, ~1 min). Free profile discovery API. All payments via x402 on...

Registry SourceRecently Updated
General00
baseddesigner
General

龙虾安全卫士

提供对已安装 Skills 的静态安全扫描,检测权限风险、恶意代码和依赖风险并生成中文风险评估报告。

Registry SourceRecently Updated
General00
ansengu11