# Install certsync with Homebrew, MacPorts, Nix

Dump NTDS with golden certificates and UnPAC the hash. Version 0.1.6 via Homebrew; verified 2026-05-20.

## Install

```sh
sudo av install brew:certsync
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install certsync
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install certsync
```

  Evidence: MacPorts ports tree: security/certsync/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#certsync
```

  Evidence: nixpkgs package indexes: pkgs/by-name/ce/certsync/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:certsync
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/certsync>
- **Version:** 0.1.6
- **Source summary:** Dump NTDS with golden certificates and UnPAC the hash
- **Homepage:** <https://github.com/zblurx/certsync>
- **Repository:** <https://github.com/zblurx/certsync>
- **Upstream docs:** <https://github.com/zblurx/certsync#readme>
- **License:** MIT
- **Source archive:** <https://files.pythonhosted.org/packages/c8/75/3928920bdbfb0af317446236fad17b47a1d6aad507f1ae2eed6bbf7e7ad9/certsync-0.1.6.tar.gz>
- **Last updated:** 2026-05-20T11:47:05Z
- **Generated:** 2026-07-10T07:20:53+00:00

## Executables

- certsync (cli)
- certsync (alias)

## Dependencies

- certifi
- cryptography
- python@3.14

## Uses from macOS

- libffi

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-10
- Package-manager version: 0.1.6
- Package-manager updated: 2026-05-20
- Local data: ok
- Upstream repository: https://github.com/zblurx/certsync
- info: No cached GitHub release or tag data was available.
## Project history and usage

certsync is an Active Directory Certificate Services attack tool for remotely dumping NTDS data without DRSUAPI. Its README describes a workflow based on golden certificates and UnPAC the hash.

### Project history

The upstream GitHub repository was created in January 2023, with the first commit on the same day. A 0.1.6 GitHub release followed in March 2024, and the project is published as a Python package as well as source.

### Adoption history

The README documents local installation, PyPI installation, and BlackArch packaging, and links a Repology packaging-status badge. The supplied package facts also list Homebrew, MacPorts, and Nix packages.

### How it is used

certsync collects users, CA information, and CRLs over LDAP, dumps the CA certificate and private key or uses a supplied CA PFX, forges certificates, and uses PKINIT plus UnPAC to recover hashes. Its options cover password, NTLM hash, Kerberos cache, AES key, DNS, LDAP filtering, and OPSEC timing controls.

### Why package nerds care

certsync is package-nerd interesting because it represents the fast path from a newly described ADCS tradecraft technique to broad packaging in security distributions and general package managers. It is niche, but package presence makes lab and assessment reproduction much easier.

### Timeline

- 2023: Public GitHub repository and first commit created.
- 2024: 0.1.6 release published.

### Related projects

- The README credits Certipy, the UnPAC the hash technique, Certified Pre-Owned, Certify, and GOAD as related research or lab projects.

### Sources

- <https://api.github.com/repos/zblurx/certsync>
- <https://github.com/zblurx/certsync>
- <https://github.com/zblurx/certsync#readme>
- <https://formulae.brew.sh/api/formula/certsync.json>


## Security Notes

No matching local secret-handling manifest was found for certsync. Nucleus package metadata is still published here so future coverage has a stable package URL.


## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** certsync
- **Version Scheme:** 0
- **Revision:** 10
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Nix - certsync: normalized package name match | nixpkgs package indexes: pkgs/by-name/ce/certsync/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- MacPorts - certsync: normalized package name match | MacPorts ports tree: security/certsync/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [python@3.14](https://www.automicvault.com/pkg/brew/python-3-14/) - Runtime dependency declared by Homebrew.
- [msktutil](https://www.automicvault.com/pkg/brew/msktutil/) - Shares av.db curated category or tags: active-directory, cli, kerberos, security.
- [acme.sh](https://www.automicvault.com/pkg/brew/acme-sh/) - Shares av.db curated category or tags: certificates, cli, security.
- [certbot](https://www.automicvault.com/pkg/brew/certbot/) - Shares av.db curated category or tags: certificates, cli, security.
- [certgraph](https://www.automicvault.com/pkg/brew/certgraph/) - Shares av.db curated category or tags: certificates, cli, security.
- [certigo](https://www.automicvault.com/pkg/brew/certigo/) - Shares av.db curated category or tags: certificates, cli, security.
- [certstrap](https://www.automicvault.com/pkg/brew/certstrap/) - Shares av.db curated category or tags: certificates, cli, security.
- [cfssl](https://www.automicvault.com/pkg/brew/cfssl/) - Shares av.db curated category or tags: certificates, cli, security.
- [crip](https://www.automicvault.com/pkg/brew/crip/) - Shares av.db curated category or tags: certificates, cli, security.
- [showcert](https://www.automicvault.com/pkg/brew/showcert/) - Both packages touch the same language runtime or ecosystem. Shared terms: certifi, certificates, cli, cryptography, python.
- [cycode](https://www.automicvault.com/pkg/brew/cycode/) - Both packages touch the same language runtime or ecosystem. Shared terms: certifi, cli, cryptography, python, python-3-14.

## Combined YAML source

View the package source record on GitHub. [combined/certsync.yml](https://github.com/automic-vault/db/blob/main/combined/certsync.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
