Mastering Active Directory Certificate Services (ADCS): NTLM Relay & Petitpotam Attacks Explained

Welcome to Redfox Security! In this deep-dive tutorial, we explore two of the most critical attack vectors targeting Active Directory Certificate Services (ADCS)—NTLM Relay and PetitPotam.

These techniques have been used in real-world attacks to gain unauthorized access, escalate privileges, and compromise entire Windows environments. Whether you're a cybersecurity professional, student, or just passionate about Windows security, this video will give you the knowledge and hands-on insight you need.

What You’ll Learn:
✓ ADCS Overview – Understand what ADCS is, its components, and its role in Windows-based PKI environments.
✓ NTLM Relay Attacks – See how NTLM relay vulnerabilities are used to target and abuse certificate services.
✓ PetitPotam Exploit – Learn how this attack forces machine authentication to escalate access within ADCS.
✓ Live Demonstration – Watch real-time execution of both attack chains, including setup, exploitation, and impact analysis.
✓ Defense Tactics – Get practical mitigation strategies and configuration tips to secure your ADCS infrastructure.

Key Takeaways:
✓ Clear understanding of how ADCS can be compromised
✓ Step-by-step demonstrations of NTLM Relay and PetitPotam
✓ Real-world mitigation strategies and hardening tips

Time Stamps:
0:00 Intro
03:57 ADCS Basics
08:56 NTLM Relay Attack
10:46 PetitPotam Attack
14:35 ESC8 Theory
23:11 ESC8 Practical
56:16 ESC8 Prevention
01:01:16 Conclusion

Launch your cybersecurity career with our expert-led training: https://academy.redfoxsec.com/

Join the Redfox Security community: https://linktr.ee/redfoxsec

Powered by Redfox Cyber Security Pvt. Ltd.

Important Note:
This video is for educational purposes only. It demonstrates ethical hacking techniques in authorized, controlled environments. Using these methods without documented consent is prohibited and unethical.

Disclaimer:
Redfox Security is not responsible for any misuse or unauthorized actions by viewers.

Who Are We?
Redfox Security is a global penetration testing firm with over ten years of cybersecurity experience. We help businesses, from startups to large corporations, protect against threats. Our expert team provides top-tier security consulting services across four countries, dedicated to ensuring your business grows securely.

Website: https://redfoxsec.com
LinkedIn:   / redfoxsec  
Facebook:   / redfoxsec  
Instagram:   / redfoxcybersecurity  
Twitter: https://x.com/redfoxsec

Like, share, and subscribe for more cybersecurity tutorials and attack breakdowns.

Stay informed—turn on notifications so you never miss an upload!

#ActiveDirectory #ADCS #NTLMRelay #Petitpotam #Cybersecurity #PenetrationTesting #EthicalHacking #SecurityTutorial #WindowsSecurity #ITsecurity #AttackVectors #PrivilegeEscalation #NetworkSecurity #ExploitDemo #SecurityMitigation #ESC8