redttps

Enumerate ADCS using Certutil

Description

Certutil (short for Certificate Utility) is a command-line program that is used to manage and manipulate certificates and certification authority (CA) data on Windows systems.


Cheatsheet

  1. General information about certificates
    2. certutil -dump
  2. Local (CA) information
    3. certutil -ca
  3. List all local certificate templates
    4. certutil -catemplates
  4. List all certificate templates in detail mode
    5. certutil -v -template
  5. Detailed information on all certificate templates
    6. certutil -v -dstemplate
  6. Lists all the certificate templates that support client authentication
    7. certutil -v -template -clientauth
  7. Displays detailed information about a specific template (ESC1)
    8. certutil -template ESC1