Invoke-Leghorn

June 17, 2021 ยท View on GitHub

Standalone powershell script to detect potential PKI abuse

Quick Usage

Open a PowerShell prompt

Import-Module .\Invoke-Leghorn.ps1
Invoke-Leghorn -Domain test.loc

Screenshot

Credits

I'd like to thank the following people for their work :

  • Jean Marsault : MICROSOFT ADCS โ€“ ABUSING PKI IN ACTIVE DIRECTORY ENVIRONMENT
  • Q&D Security : Supply in the Request Shenanigans
  • Cfalta : PoshADCS