MCPcopy Index your code

hub / github.com/ly4k/Certipy / functions

Functions406 in github.com/ly4k/Certipy

↓ 181 callersMethodget
Get an attribute value from the LDAP entry with support for default values. This method provides convenient access to LDAP attribute
certipy/lib/ldap.py:96
↓ 168 callersMethodinfo
Show detailed information about a specific Key Credential. Returns: True if the Key Credential was found and info displa
certipy/commands/shadow.py:579
↓ 58 callersFunctionhandle_error
Handle errors by printing the error message and exiting the program. This function is a placeholder for error handling logic. It can be exte
certipy/lib/errors.py:53
↓ 48 callersMethodset
Set an attribute value in the LDAP entry. Args: key: Attribute name to set value: Value to assign to the att
certipy/lib/ldap.py:121
↓ 17 callersFunctione2i
Convert an Impacket enum member to its integer value. Static type analysis is confused by the fact that Impacket enums are not standard
certipy/lib/structs.py:635
↓ 17 callersFunctiontry_to_save_file
Try to write data to a file or stdout if file writing fails. This function attempts to save data to the specified path. If writing fails,
certipy/lib/files.py:17
↓ 14 callersMethodread
Read and display account attributes. This method retrieves and displays key attributes of the specified account. Returns:
certipy/commands/account.py:212
↓ 14 callersMethodto_bytes
Convert the token to its binary representation. Returns: Tuple of (header_bytes, data_bytes)
certipy/lib/kerberos.py:190
↓ 13 callersMethodlookup_sid
Look up an object by its SID. This method finds an Active Directory object by its security identifier, or returns a syntheti
certipy/lib/ldap.py:1251
↓ 12 callersMethodget_user
Find a user by samAccountName. This method searches for a user by samAccountName and automatically handles computer account
certipy/lib/ldap.py:1071
↓ 12 callersMethodsearch
Search the LDAP directory with the given filter and return matching entries. Args: search_filter: LDAP search filter str
certipy/lib/ldap.py:1005
↓ 12 callersFunctiontranslate_error_code
Translate a Windows API error code to a human-readable string. Args: error_code: Windows API error code (HRESULT) Returns:
certipy/lib/errors.py:24
↓ 10 callersMethodconnect
Connect to the LDAP server with the specified SSL/TLS version. This method establishes a connection to the LDAP server and handles
certipy/lib/ldap.py:592
↓ 9 callersMethod_get_sam_account_name
Get the SAM account name from a user entry. Args: user: LDAP user entry Returns: SAM account name s
certipy/commands/shadow.py:285
↓ 9 callersFunctioncert_id_to_parts
Extract username and domain from certificate identities. Args: identities: List of (id_type, id_value) tuples from certificate
certipy/lib/certificate.py:148
↓ 8 callersFunctioncreate_pfx
Create a PKCS#12/PFX container with certificate and private key. Args: key: Private key object cert: Certificate object
certipy/lib/certificate.py:585
↓ 8 callersMethodget_user_sids
Get all SIDs associated with a user, including groups. This method collects all security identifiers (SIDs) that apply to a user,
certipy/lib/ldap.py:1150
↓ 8 callersMethodresolve
Resolve hostname to IP address using DNS or local resolution. Uses cache for previously resolved hostnames. Args:
certipy/lib/target.py:411
↓ 7 callersFunctioncert_to_der
Convert certificate to DER format.
certipy/lib/certificate.py:447
↓ 7 callersFunctionder_to_cert
Convert DER-encoded certificate to object.
certipy/lib/certificate.py:517
↓ 7 callersMethodfrom_options
Create a Target from command line options. Args: options: Command line options dc_as_target: Whether to use
certipy/lib/target.py:106
↓ 7 callersFunctionget_subject_from_str
Create a Name object from a subject string. Args: subject: Subject DN string Returns: x509.Name object
certipy/lib/certificate.py:748
↓ 7 callersFunctionhash_digest
Compute hash digest of data. Args: data: Data to hash hash_algorithm: Hash algorithm to use Returns: Hash diges
certipy/lib/certificate.py:690
↓ 7 callersFunctionis_admin_sid
Check if a security identifier (SID) belongs to an administrative group. This function identifies built-in administrator accounts and groups
certipy/lib/security.py:177
↓ 7 callersFunctionload_pfx
Load key and certificate from PKCS#12/PFX data. Args: pfx: PKCS#12 data password: Optional decryption password Returns:
certipy/lib/certificate.py:649
↓ 7 callersMethodrequest
Send a request to the CA service. Args: req: Request object *args: Additional arguments **kwargs
certipy/commands/ca.py:241
↓ 7 callersMethodto_list
Decompose flag into list of individual flags. Returns: List of individual flag members
certipy/lib/structs.py:91
↓ 7 callersMethodupdate
Update an existing account's attributes. This method modifies specified attributes of an existing account. Returns:
certipy/commands/account.py:253
↓ 6 callersMethod_get_target_dn
Get the distinguished name from a user entry and validate it. Args: user: LDAP user entry Returns:
certipy/commands/shadow.py:265
↓ 6 callersFunction_log_response_if_verbose
Log response content if verbose logging is enabled. Args: content: Response content to log
certipy/lib/req.py:755
↓ 6 callersMethodfind
Discover and analyze AD CS components and detect vulnerabilities. This is the main entry point that: 1. Discovers templates,
certipy/commands/find.py:262
↓ 6 callersFunctionis_verbose
Check if verbose logging is enabled. Returns: Boolean indicating whether verbose logging is enabled
certipy/lib/logger.py:28
↓ 6 callersFunctionto_pascal_case
Convert a snake_case string to PascalCase. Args: snake_str: String in snake_case format Returns: String converted to Pa
certipy/lib/formatting.py:16
↓ 5 callersMethodadd
Add a new entry to the LDAP directory. Args: *args: Arguments to pass to the underlying LDAP add operation *
certipy/lib/ldap.py:945
↓ 5 callersMethoddecrypt
(self, answer: bytes)
certipy/lib/ntlm.py:542
↓ 5 callersMethodencrypt
Encrypt data using the appropriate Kerberos cipher. Automatically selects between RC4 and AES encryption based on the cipher
certipy/lib/kerberos.py:228
↓ 5 callersMethodformat_principals
Format a list of SIDs into a human-readable string. Args: sids: List of SIDs to format Returns: Lis
certipy/commands/find.py:2430
↓ 5 callersMethodfrom_bytes
Parse a mechanism independent token from its binary representation. Args: data: Binary data to parse Returns:
certipy/lib/kerberos.py:119
↓ 5 callersFunctionpretty_print
Pretty print a dictionary with customizable indentation and padding. Handles nested dictionaries, lists, and various data types with appropr
certipy/lib/formatting.py:42
↓ 5 callersFunctionrsa_pkcs1v15_sign
Sign data using RSA PKCS#1 v1.5 padding. Args: data: Data to sign key: Private key for signing hash_algorithm: Hash
certipy/lib/certificate.py:665
↓ 4 callersMethod__init__
Initialize the NTLM relay attack. Args: target: Target AD CS server (http://server/certsrv/ or rpc://server)
certipy/commands/relay.py:789
↓ 4 callersMethod__init__
Initialize CA management object. Args: target: Target information (hostname, credentials, etc.) ca: CA name
certipy/commands/ca.py:326
↓ 4 callersFunctioncsr_to_der
Convert CSR to DER format.
certipy/lib/certificate.py:432
↓ 4 callersMethodencrypt
(self, plain_data: bytes)
certipy/lib/ntlm.py:527
↓ 4 callersFunctionget_dcom_connection
Establish a DCOM connection to the target. Args: target: Target object containing connection parameters Returns: DCOMCo
certipy/lib/rpc.py:21
↓ 4 callersFunctionget_identities_from_certificate
Extract identity information from a certificate. Args: certificate: X.509 certificate to analyze Returns: List of tuple
certipy/lib/certificate.py:261
↓ 4 callersMethodget_key_credentials
Retrieve the current Key Credentials for a user. Args: target_dn: Distinguished name of the target user user
certipy/commands/shadow.py:98
↓ 4 callersFunctionget_tgs
Obtain a Ticket Granting Service (TGS) ticket for the specified service. This function implements a multi-step strategy for acquiring a TGS:
certipy/lib/kerberos.py:682
↓ 4 callersMethodrequest
Request a new certificate from AD CS. Returns: PFX data and filename if successful, False otherwise
certipy/lib/req.py:1393
↓ 4 callersMethodset_key_credentials
Set new Key Credentials for a user. Args: target_dn: Distinguished name of the target user user: LDAP user e
certipy/commands/shadow.py:127
↓ 4 callersMethodsign
(self, data: bytes, seq: int = 0, reset_cipher: bool = False)
certipy/lib/ntlm.py:555
↓ 3 callersFunction_convert_to_binary
Convert string hex representation to binary bytes. Args: data: String hex representation or None Returns: Bytes represe
certipy/lib/kerberos.py:83
↓ 3 callersMethodadd
Add a right for a user on the CA. Args: user: Username right: Right to add (from CERTIFICATION_AUTHORITY_RIG
certipy/commands/ca.py:1080
↓ 3 callersFunctioncert_to_pem
Convert certificate to PEM format.
certipy/lib/certificate.py:442
↓ 3 callersFunctioncreate_csr
Create a certificate signing request (CSR) with optional extensions. Args: username: Username for the subject alt_dns: Alter
certipy/lib/certificate.py:766
↓ 3 callersFunctioncreate_csr_attributes
Create a list of CSR attributes based on the provided template and Subject Alternative Name options. This function generates the attributes
certipy/lib/certificate.py:995
↓ 3 callersFunctioncreate_key_archival
Create a key archival request. Args: csr: Certificate signing request private_key: Private key to be archived cax_ce
certipy/lib/certificate.py:1287
↓ 3 callersMethoddecrypt
Decrypt data using the appropriate Kerberos cipher. Automatically selects between RC4 and AES decryption based on the cipher
certipy/lib/kerberos.py:247
↓ 3 callersMethodfinish_run
Clean up after attack completion.
certipy/commands/relay.py:585
↓ 3 callersFunctiongenerate_rsa_key
Generate a new RSA private key. Args: key_size: Key size in bits (default: 2048) Returns: RSA private key object
certipy/lib/certificate.py:532
↓ 3 callersMethodget_configuration
Retrieve the configuration for a certificate template from AD. Searches for the template by CN or displayName and returns its config
certipy/commands/template.py:237
↓ 3 callersFunctionget_dce_rpc_from_string_binding
Create a DCE RPC connection from a string binding. Args: string_binding: The RPC string binding (e.g., "ncacn_np:server[pipe]")
certipy/lib/rpc.py:67
↓ 3 callersFunctionget_device_id_and_creation_from_binary
Extract Device ID and Creation Time from a Key Credential binary. Args: key_credential: Key Credential binary data or DNWithBinary s
certipy/commands/shadow.py:730
↓ 3 callersFunctionget_object_sid_from_certificate
Extract a Security Identifier (SID) from a certificate using multiple methods. This function attempts to find SIDs in both the Subject Alter
certipy/lib/certificate.py:384
↓ 3 callersMethodget_raw
Get the raw (unprocessed) attribute value from the LDAP entry. Args: key: Attribute name to retrieve Returns:
certipy/lib/ldap.py:131
↓ 3 callersMethodget_serial_number
Get the certificate serial number. Returns: Integer representation of the serial number
certipy/commands/forge.py:139
↓ 3 callersFunctionhandle_pending_key_save
Offer to save the private key for pending certificate requests. Args: request_id: The certificate request ID key: The privat
certipy/lib/req.py:477
↓ 3 callersFunctionhandle_request_response
Process a successful certificate request by saving the certificate and private key. Args: cert: The issued certificate key:
certipy/lib/req.py:357
↓ 3 callersFunctionhandle_retrieve
Process a retrieved certificate by saving it with the private key if available. Args: cert: The retrieved certificate reques
certipy/lib/req.py:415
↓ 3 callersFunctionhandle_rpc_request_response
Process the RPC certificate request response. Args: response: The RPC response dictionary Returns: Certificate object i
certipy/lib/req.py:311
↓ 3 callersFunctionis_ip
Check if the given hostname is an IP address. Args: hostname: The hostname to check Returns: bool: True if the hostname
certipy/lib/target.py:465
↓ 3 callersFunctionkey_to_pem
Convert private key to PEM format (PKCS#8). Args: key: Private key object Returns: PEM-encoded key as bytes
certipy/lib/certificate.py:452
↓ 3 callersMethodmodify
Modify an existing entry in the LDAP directory. Args: *args: Arguments to pass to the underlying LDAP modify operation
certipy/lib/ldap.py:985
↓ 3 callersMethodshutdown
Gracefully shut down the relay server.
certipy/commands/relay.py:1025
↓ 3 callersFunctionweb_retrieve
Retrieve a certificate via the web enrollment interface. Args: session: HTTP session client request_id: The certificate requ
certipy/lib/req.py:607
↓ 2 callersMethod__init__
Initialize an LDAP connection with the specified target. Args: target: Target object containing connection details
certipy/lib/ldap.py:554
↓ 2 callersMethod__init__
Initialize a certificate request object. Args: target: Target information including host and authentication
certipy/lib/req.py:1243
↓ 2 callersMethod_check_ldap_result
Handle LDAP errors based on the result dictionary. Args: result: Result dictionary from the LDAP bind operation
certipy/lib/ldap.py:908
↓ 2 callersFunction_determine_output_filename
Determine the output filename to use for saving certificates/keys. Args: out: User-specified output name (if any) identities
certipy/lib/req.py:670
↓ 2 callersMethod_get_length
Extract ASN.1 length from the given data. Args: data: Binary data containing ASN.1 length Returns:
certipy/lib/kerberos.py:148
↓ 2 callersFunction_handle_other_errors
Handle other certificate request errors. Args: content: Response content
certipy/lib/req.py:724
↓ 2 callersMethod_modify_ca_security
Add or remove rights for a user on the CA. Args: user: Username right: Right to add/remove (from CERTIFICATI
certipy/commands/ca.py:938
↓ 2 callersMethod_parse_hex_data
Parse hex data that might span multiple lines. Args: initial_data: The initial hex data string lines_iter: I
certipy/commands/parse.py:506
↓ 2 callersFunction_try_binding
Try to connect to a specific string binding.
certipy/lib/rpc.py:211
↓ 2 callersMethod_try_connection
Try to connect to the Web Enrollment interface. Args: session: HTTP session to use base_url: Base URL to con
certipy/lib/req.py:1135
↓ 2 callersMethodadd_new_key_credential
Add a new Key Credential to a user. Args: target_dn: Distinguished name of the target user user: LDAP user e
certipy/commands/shadow.py:209
↓ 2 callersMethodauthenticate
Authenticate using a certificate. This is the main entry point for authentication. It will determine whether to use LDAP or
certipy/commands/auth.py:253
↓ 2 callersMethodcheck_web_enrollment
Check if web enrollment is enabled on the CA. Args: ca: Certificate authority object channel: Protocol to ch
certipy/commands/find.py:633
↓ 2 callersMethodcreate
Create a new computer account in Active Directory. This method creates a computer account with the specified properties, or
certipy/commands/account.py:98
↓ 2 callersFunctioncreate_ace
(sid: str, mask: CertificateRights)
certipy/lib/security.py:207
↓ 2 callersMethodcreate_application_policies
Create an extension containing the application policies for the certificate. Returns: UnrecognizedExtension containing t
certipy/commands/forge.py:289
↓ 2 callersMethodcreate_sid_extension
Create an extension containing the SID for the certificate. Returns: UnrecognizedExtension containing the SID or None if
certipy/commands/forge.py:257
↓ 2 callersMethodcreate_smime_extension
Create an extension containing the S/MIME capability for the certificate. Returns: UnrecognizedExtension containing the
certipy/commands/forge.py:312
↓ 2 callersMethodcreate_subject_alternative_names
Create subject alternative names for the certificate. Returns: List of subject alternative name entries
certipy/commands/forge.py:218
↓ 2 callersFunctioncsr_to_pem
Convert CSR to PEM format.
certipy/lib/certificate.py:437
↓ 2 callersMethoddce_request
Send a DCE RPC request and handle the response. This wrapper method properly handles the DCE RPC request to ensure static co
certipy/lib/req.py:942
↓ 2 callersFunctionder_to_csr
Convert DER-encoded CSR to object.
certipy/lib/certificate.py:502
↓ 2 callersMethodenable
Enable or disable a template on the CA. Args: disable: If True, disable the template; otherwise enable it Retur
certipy/commands/ca.py:833
↓ 2 callersFunctionfiletime_to_str
Convert Windows FILETIME to a human-readable time span string. This is a convenience function that combines filetime_to_span() and span_
certipy/lib/time.py:112
↓ 2 callersMethodget_allowed_hash_algorithm
Get an appropriate hash algorithm for certificate signing. Args: template_hash_algorithm: Hash algorithm from template c
certipy/commands/forge.py:329
next →1–100 of 406, ranked by callers