macOS
brew install certsynclocal Homebrew formula metadata
sudo port install certsyncMacPorts ports tree · security/certsync/Portfile · Quelle: api.github.com
brew
Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für certsync in AI-Agent-Workflows.
Installation
brew install certsynclocal Homebrew formula metadata
sudo port install certsyncMacPorts ports tree · security/certsync/Portfile · Quelle: api.github.com
nix profile install nixpkgs#certsyncnixpkgs package indexes · pkgs/by-name/ce/certsync/package.nix · Quelle: api.github.com
Überblick
Dump NTDS with golden certificates and UnPAC the hash
Verlauf
certsync is an Active Directory Certificate Services attack tool for remotely dumping NTDS data without DRSUAPI. Its README describes a workflow based on golden certificates and UnPAC the hash.
The upstream GitHub repository was created in January 2023, with the first commit on the same day. A 0.1.6 GitHub release followed in March 2024, and the project is published as a Python package as well as source.
The README documents local installation, PyPI installation, and BlackArch packaging, and links a Repology packaging-status badge. The supplied package facts also list Homebrew, MacPorts, and Nix packages.
certsync collects users, CA information, and CRLs over LDAP, dumps the CA certificate and private key or uses a supplied CA PFX, forges certificates, and uses PKINIT plus UnPAC to recover hashes. Its options cover password, NTLM hash, Kerberos cache, AES key, DNS, LDAP filtering, and OPSEC timing controls.
certsync is package-nerd interesting because it represents the fast path from a newly described ADCS tradecraft technique to broad packaging in security distributions and general package managers. It is niche, but package presence makes lab and assessment reproduction much easier.
Sicherheitslage
Für certsync wurde kein passendes lokales Secret-Handling-Manifest gefunden. Nucleus-Paketmetadaten bleiben hier veröffentlicht, damit künftige Abdeckung eine stabile Paket-URL hat.
Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.
Executables
| Befehl | Art | Sichtbarkeit | Hinweis |
|---|---|---|---|
certsync | cli | globales Executable |
Aktualität
Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.
https://github.com/zblurx/certsync
Installationsmetadaten
| Paketschlüssel | brew:certsync |
|---|---|
| Version | 0.1.6 |
| Paketmanager | Homebrew |
| Paketmanager-Seite | https://formulae.brew.sh/formula/certsync |
| Homepage | https://github.com/zblurx/certsync |
| Repository | https://github.com/zblurx/certsync |
| Upstream-Dokumentation | https://github.com/zblurx/certsync#readme |
| Lizenz | MIT |
| Quellarchiv | https://files.pythonhosted.org/packages/c8/75/3928920bdbfb0af317446236fad17b47a1d6aad507f1ae2eed6bbf7e7ad9/certsync-0.1.6.tar.gz |
| Zuletzt aktualisiert | 2026-05-20T11:47:05Z |
| Pulse | updated |
| Abhängigkeiten | certifi, cryptography, python@3.14 |
| Von macOS bereitgestellte Bibliotheken | libffi |
| Bottle | verfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | nicht definiert |
| Dienst | keiner deklariert |
Registry-Fakten
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | certsync |
| Version Scheme | 0 |
| Revision | 10 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
Source-Datenbank-Treffer
Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.
certsync
nix profile install nixpkgs#certsynccertsync
sudo port install certsyncQuellspur
Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.
View the package source record on GitHub.