Certi

Certi is designed to engage with ADCS environments, enabling users to request certificates and gather information about related objects such as templates. This tool is particularly useful in penetration testing and red teaming scenarios where understanding and exploiting certificate services in Active Directory is necessary.

The utility provides a command-line interface with two primary subcommands: 'list' and 'req', allowing for both enumeration and certificate enrollment operations. As an impacket-based tool, it integrates seamlessly with other impacket utilities for broader Active Directory assessment workflows.

Certi requires Python dependencies including cryptography and impacket libraries, making it suitable for environments already equipped with Python-based security tooling.

Certi leverages impacket libraries to communicate with ADCS over standard protocols like RPC, enabling certificate template enumeration and enrollment requests. The 'list' subcommand discovers available templates and related objects, while 'req' handles certificate signing requests, mimicking legitimate ADCS client behavior to extract certificates without direct authentication in some configurations.