ad-attacks

Redirects Active Directory attack queries to redteam skill via /redteam --focus=ad, prioritizing BloodHound analysis, Kerberoasting, AS-REP roasting, DCSync, PtH/PtT, delegation abuse, GPO/ACL exploitation, and domain compromise.

security

npx claudepluginhub kalpmodi/akira

Tool Access

This skill uses the workspace's default tool permissions.

Preview

AD attack TTPs have been consolidated into the **redteam** skill, which is the canonical source for all AD, post-exploitation, lateral movement, and APT simulation techniques.

SKILL.md

Similar Skills

active-directory-attacks

32.8k

Provides Active Directory attack techniques: reconnaissance with BloodHound/PowerView, credential harvesting, Kerberos attacks with Rubeus, lateral movement, privilege escalation for authorized pentesting.

1 file

antigravity-awesome-skills

ad-attacks

Provides BloodHound Cypher queries for Active Directory attacks: shortest paths to Domain Admin, Kerberoastable/AS-REP accounts, unconstrained delegation, high-value targets, and misconfigs. For AD pentesting.

2 tools

threatswarm

executing-active-directory-attack-simulation

Executes authorized attack simulations against Active Directory to identify misconfigurations, weak credentials, privilege escalation paths, and trust exploits using BloodHound, Mimikatz, and Impacket.

asi

Stats

Stars12

Forks4

Last CommitApr 25, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

ad-attacks | akira | ClaudePluginHub

Back to Skills

Skill

ad-attacks

From akira

security

npx claudepluginhub kalpmodi/akira

Tool Access

This skill uses the workspace's default tool permissions.

Preview

AD attack TTPs have been consolidated into the **redteam** skill, which is the canonical source for all AD, post-exploitation, lateral movement, and APT simulation techniques.

SKILL.md

Active Directory Attacks - Redirect Stub

AD attack TTPs have been consolidated into the redteam skill, which is the canonical source for all AD, post-exploitation, lateral movement, and APT simulation techniques.

Immediately invoke:

/redteam <target> --focus=ad

The --focus=ad flag tells redteam to prioritize:

BloodHound collection and shortest-path analysis
Kerberoasting + AS-REP roasting
LDAP enumeration (null session -> authenticated)
Pass-the-Hash / Pass-the-Ticket chains
ADCS ESC1-ESC8 certificate abuse
Constrained/unconstrained delegation + RBCD
DCSync + DCShadow
GPO abuse + ACL abuse (T1484 / T1222)
Golden/Silver ticket forge
Domain compromise - NTDS.dit extraction

All techniques are documented in ~/.claude/skills/redteam/SKILL.md under Classes RT04, RT05, RT05b, RT05c.

For full APT kill chain (C2, LotL, AMSI bypass, persistence, defense evasion, cloud APT, exfil, OPSEC) run /redteam <target> without the focus flag after obtaining a foothold.