AI Agent Skill HUB
multiAI Summary Pending

pentest-active-directory

Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.

3,556 stars
byopenclaw
View on GitHubInstallation ↓

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/pentest-active-directory/SKILL.md --create-dirs "https://raw.githubusercontent.com/openclaw/skills/main/skills/0x-professor/pentest-active-directory/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/pentest-active-directory/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How pentest-active-directory Compares

Feature / Agentpentest-active-directoryStandard Approach
Platform SupportmultiLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.

Which AI agents support this skill?

This skill is compatible with multi.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Pentest Active Directory

## Stage

- PTES: 6
- MITRE: TA0006, TA0008

## Objective

Map and validate AD privilege escalation and movement paths.

## Required Workflow

1. Validate scope before any active action and reject out-of-scope targets.
2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
3. Write findings in canonical finding_schema format with reproducible PoC notes.
4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
5. Export deterministic artifacts for downstream skill consumption.

## Execution

```bash
python skills/pentest-active-directory/scripts/active_directory.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run
```

## Outputs

- `ad-findings.json`
- `ad-attack-paths.json`
- `ad-report.json`

## References

- `references/tools.md`
- `skills/autonomous-pentester/shared/scope_schema.json`
- `skills/autonomous-pentester/shared/finding_schema.json`

## Legal and Ethical Notice

```text
WARNING AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

```