certsync
Description:
Dump NTDS with golden certificates and UnPAC the hash
Type: Formula  |  Latest Version: 0.1.6@3  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: active-directory pentesting security red-team pki
Install: brew install certsync
About:
CertSync is an Active Directory certificate abuse tool that dumps the NTDS.dit database using golden certificates. It leverages PKI misconfigurations to authenticate and extract credentials, then applies the UnPAC-the-hash technique to retrieve cleartext passwords. This enables attackers to escalate privileges and move laterally in compromised environments.
Key Features:
  • NTDS dumping via certificate-based authentication
  • Golden certificate generation and abuse
  • UnPAC the hash technique for password recovery
  • Python-based implementation for cross-platform use
Use Cases:
  • Red team engagements targeting PKI infrastructure
  • Active Directory security auditing and penetration testing
  • Post-exploitation credential harvesting in enterprise networks
Alternatives:
  • Certipy – Certipy offers broader PKI attack surface coverage while CertSync focuses on NTDS dumping via certificates
  • Mimikatz – Mimikatz provides comprehensive AD attacks but requires different authentication methods compared to certificate-based NTDS extraction
License: MIT
Dependencies: certifi, cryptography, python@3.14
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Dec 5, 2025 10:35pm 3 VERSION_BUMP 41b38250
Oct 17, 2025 4:54pm 1 VERSION_BUMP 84bb57ef
Oct 17, 2025 8:21am 1 VERSION_BUMP ea11eb32
Sep 13, 2025 7:18am 1 VERSION_BUMP bf429b64
Oct 12, 2024 8:42pm 0 VERSION_BUMP c02b5bd7
Oct 12, 2024 3:14pm 0 VERSION_BUMP 5ef35544