CypherCon 2024

Attacks on Active Directory Certificate Services (AD CS) Explained

Ryan Zagrodnik


Active Directory Certificate Services (AD CS) is a vital component of enterprise environments. This presentation delves into the world of AD CS security by exploring various attack vectors and vulnerabilities that malicious actors may exploit. In this presentation we’ll cover the basics of AD CS, ESC1 through ESC8, as well as demo the exploits. By understanding these attack techniques and their countermeasures, organizations can fortify their AD CS infrastructure and enhance the overall security of their networks.

Ryan Zagrodnik

DC608 & Madison Legend

Ryan Zagrodnik, OSCP, CISSP, has been consulting as a Penetration Tester at SynerComm for over five years, bringing over seventeen years of combined cyber security experience from both red and blue team roles. Prior to joining SynerComm, Ryan dedicated three years to an internal red team at a Fortune 1000. Ryan began his career in 2007 as an overworked crushed soul (Windows System Administrator) responsible for managing large enterprise networks. By 2011, he transitioned into the role of Security Engineer and obtained his CISSP. Additionally, Ryan has held U.S. Government security clearances for several years, working in both offensive and defensive security capacities for large businesses providing services to the U.S. Department of Defense and Department of Education.