TheGreatL/Active Directory Attacks
.agents/skills/active-directory-attacks/SKILL.md
This skill should be used when the user asks to "attack Active Directory", "exploit AD", "Kerberoasting", "DCSync", "pass-the-hash", "BloodHound enumeration", "Golden Ticket", "Silver Ticket", "AS-REP roasting", "NTLM relay", or needs guidance on Windows domain penetration testing.
development
Updated Apr 15, 2026
$ install --global
skillsauthnpx skillsauth add TheGreatL/react-supabase-boilerplate Active Directory AttacksInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 10:51 PM13.6s22 files scanned
SKILL.md
- name:
- Active Directory Attacks
- author:
- zebbern
- version:
- 4.1.0-fractal
Active Directory Attacks
Purpose
Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.
Inputs/Prerequisites
- Kali Linux or Windows attack platform
- Domain user credentials (for most attacks)
- Network access to Domain Controller
- Tools: Impacket, Mimikatz, BloodHound, Rubeus, CrackMapExec
Outputs/Deliverables
- Domain enumeration data
- Extracted credentials and hashes
- Kerberos tickets for impersonation
- Domain Administrator access
- Persistent access mechanisms
Essential Tools
| Tool | Purpose | | ------------ | ---------------------------- | | BloodHound | AD attack path visualization | | Impacket | Python AD attack tools | | Mimikatz | Credential extraction | | Rubeus | Kerberos attacks | | CrackMapExec | Network exploitation | | PowerView | AD enumeration | | Responder | LLMNR/NBT-NS poisoning |
Core Workflow
🧠 Knowledge Modules (Fractal Skills)
1. Step 1: Kerberos Clock Sync
2. Step 2: AD Reconnaissance with BloodHound
3. Step 3: PowerView Enumeration
4. Password Spraying
5. Kerberoasting
6. AS-REP Roasting
7. DCSync Attack
8. Pass-the-Ticket (Golden Ticket)
9. Silver Ticket
10. Pass-the-Hash
11. OverPass-the-Hash
12. Responder + ntlmrelayx
13. SMB Signing Check
14. ESC1 - Misconfigured Templates
15. ESC8 - Web Enrollment Relay
16. ZeroLogon (CVE-2020-1472)
17. PrintNightmare (CVE-2021-1675)
18. samAccountName Spoofing (CVE-2021-42278/42287)
19. Example 1: Domain Compromise via Kerberoasting
20. Example 2: NTLM Relay to LDAP
Related Skills
TheGreatL/agent-tool-builder
tools
VerifiedTrustedCommunity
Tools are how AI agents interact with the world. A well-designed tool is the difference between an agent that works and one that hallucinates, fails silently, or costs 10x more tokens than necessary. This skill covers tool design from schema to error handling. JSON Schema best practices, description writing that actually helps the LLM, validation, and the emerging MCP standard that's becoming the lingua franca for AI tools. Key insight: Tool descriptions are more important than tool implementa
SKILL.mdUpdated Apr 15, 2026
TheGreatL/agent-strategic-compact
development
VerifiedTrustedCommunity
Development skill from everything-agent-code
SKILL.mdUpdated Apr 15, 2026
TheGreatL/agent-security-review
development
VerifiedTrustedCommunity
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
SKILL.mdUpdated Apr 15, 2026
TheGreatL/agent-project-guidelines-example
documentation
VerifiedTrustedCommunity
Project Guidelines Skill (Example)
SKILL.mdUpdated Apr 15, 2026