top of page
Red Team Lab, Red Team Certifications, Red Team Trainings, Azure Pentesting, Azure Security

AD CS Attacks for Red and Blue Teams Lab Objective:

Identity plays a crucial role in security of an enterprise environment. Certainly, Identity is the new security perimeter. In an enterprise environment, Identity is usually managed by Active Directory or by Azure AD in case of a Hybrid Identity. An often-overlooked part of enterprise infrastructure is Active Directory Certificate Services (AD CS). AD CS is a Windows Server Role that implements Public Key Infrastructure and can be used for user authentication, machine authentication, document signing, email signing, file encryption and so much more. This makes AD CS a crucial part of Identity Management.

Red Team Lab, Red Team Certifications, Red Team Trainings, Azure Pentesting, Azure Security

Unfortunately, not many professionals understand AD CS. This, of course, makes it harder to secure it against even the simplest attacks that may result in compromise of the entire enterprise environment.
We have years of experience of teaching classes at world’s leading organizations and hacker conferences and Red Team operations against some of the better enterprise environments. Drawing from that experience, we have created this course and lab that helps you in getting started with Attacking and Defending AD CS.


The AD CS Attacks for Red and Blue Teams lab provides course videos, learning aids and a meticulously created lab environment that helps you in understanding AD CS security in-depth. The lab is beginner friendly and you don’t need any prior experience with AD CS. We cover a lot of interesting topics like CA enumeration, Local Privilege Escalation, Persistence by abusing Certificates, Domain Privilege Escalation by - abusing CA, Certificate Templates, Abusing Certificates – Client Auth, EFS, Code Signing, SSH etc., Domain persistence after compromising CA, Network Pivoting by abusing VPN Certificates, Abusing certificates on Linux machines, Lateral movement to Azure and a lot more!

What's Included

Red Team Lab, Red Team Certifications, Red Team Trainings, Azure Pentesting, Azure Security
  • Access to a lab environment (One/Two/Three months) with updated Server 2022 and Linux machines. Lab can be accessed using a web browser or VPN.

  • A ready to use student VM in the cloud that has both Windows and Linux tools pre-installed.

  • ​Life time access to all the learning material (including course updates).

  • 11+ hours of video course

  • Slides, Lab Manual, Walk-through videos and Diagrams as learning aid.

  • Lab manual for solving the labs.

  • One exam attempt for the Certified Enterprise Security Professional – AD CS (CESP - ADCS) certification.

  • Support on email and Discord.

What will you Learn?

Red Team Lab, Red Team Certifications, Red Team Trainings, Azure Pentesting, Azure Security
  • Performing Red Team operation or Penetration Test against a modern AD CS environment.

  • AD CS is not the only CA in the lab. Learn and practice attacks against other Certificate Services too!

  • Pivot to Azure by abusing Azure Certificate-based authentication.

  • Abuse VPN certificates to pivot to protected networks .

  • Abuse Trusted CAs across the AD forests.

  • Learn to execute attacks from both Windows and Linux.

Prerequisites for the course

  • If you are new to Red Teaming, Enterprise security and Active Directory security, you may like to go for the beginner's level course - CRTP.

  • Ability to use command line tools.

Purchase On-Demand Lab

 BLACK FRIDAY DEALS

On Demand Lab

30 DAYS LAB ACCESS
+
LIFE TIME ACCESS TO COURSE MATERIAL

+
ONE CERTIFICATION EXAM ATTEMPT

$249

On Demand Lab

60 DAYS LAB ACCESS
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
ONE CERTIFICATION EXAM ATTEMPT

$379

On Demand Lab

90 DAYS LAB ACCESS
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
ONE CERTIFICATION EXAM ATTEMPT

$499

- Flat 20% OFF on All Courses and Bootcamps in Q1 & Q2 2025
- 25% OFF when you purchase more than one course
- No coupon code required
- Offer Valid From 25th October To 3rd December 2024

Extension

​30 DAYS
LAB EXTENSION
+

ONE COMPLEMENTARY EXAM ATTEMPT

$199

Reattempt



EXAM
REATTEMPT

 

$99

Exam Reattempt is only for existing or past students of this course who have already purchased this course in the past.

Certificate Renewal - Only For Existing CESP - ADCS Certified Students

Course access and one renewal exam attempt is free. If you want to access the lab for practice or need another renewal exam attempt, purchase that from here.

Extension

30 DAYS LAB ACCESS FOR CERT RENEWAL

$149

Reattempt

ADDITIONAL
RENEWAL EXAM

$29

Terms of Purchase and Use:

  • You can start your lab access anytime within 90 days (180 days in case you have purchased the lab on Diwali / Black Friday sale) of purchase

  • You need a Google account to access the lab portal adcs.enterprisesecurity.io

  • One Certification Exam attempt is included in the pricing. Additional exam attempts will be $99 each

  • Once connected over VPN, consider the lab to be a hostile environment and you are responsible for your computer's security

  • The above lab is a shared environment and certain pre-specified machines will be off-limits

  • If you want a dedicated lab just for yourself, please use the form in the Contact-Us tab

adcs purchase
bottom of page