{"id":30760672,"url":"https://github.com/000pp/doom","last_synced_at":"2025-09-04T13:12:10.079Z","repository":{"id":312959197,"uuid":"1049456607","full_name":"000pp/doom","owner":"000pp","description":"🔴 Doom is a Python tool developed to be used in Active Directory environments with Active Directory Certificate Services (ADCS) present. It identifies the ADCS server and enumerates all the templates and their properties, which can be useful to help identify security risks in the certificate templates.","archived":false,"fork":false,"pushed_at":"2025-09-03T02:58:22.000Z","size":393,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-03T04:22:14.705Z","etag":null,"topics":["active-directory","adcs","certificate","certificates","certipy"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/000pp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-03T02:26:17.000Z","updated_at":"2025-09-03T03:09:48.000Z","dependencies_parsed_at":"2025-09-03T04:34:06.977Z","dependency_job_id":null,"html_url":"https://github.com/000pp/doom","commit_stats":null,"previous_names":["000pp/doom"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/000pp/doom","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/000pp%2Fdoom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/000pp%2Fdoom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/000pp%2Fdoom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/000pp%2Fdoom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/000pp","download_url":"https://codeload.github.com/000pp/doom/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/000pp%2Fdoom/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273613500,"owners_count":25137166,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-04T02:00:08.968Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-directory","adcs","certificate","certificates","certipy"],"created_at":"2025-09-04T13:12:04.495Z","updated_at":"2025-09-04T13:12:10.051Z","avatar_url":"https://github.com/000pp.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n    \u003cpicture\u003e\n        \u003cimg src=\"img/banner.jpg\" width=1200px\u003e\n    \u003c/picture\u003e\n\u003c/p\u003e\n\nDoom is a Python tool developed to be used in Active Directory environments with Active Directory Certificate Services (ADCS) present. It identifies the ADCS server and enumerates all the templates and their properties, which can be useful to help identify security risks in the certificate templates.\n\n\u003cb\u003eWarning: This project is in beta and not public tested, expect bugs! \u003ci\u003e(Open a issue if you have any)\u003c/i\u003e\u003c/b\u003e\n\n\u003cbr\u003e\n\n## Documentation\nDocumentation is avaible in the Wiki page: [https://github.com/000pp/doom/wiki](https://github.com/000pp/doom/wiki)\n\n\u003cbr\u003e\n\n## Installation\nWe recommend using [pipx](https://github.com/pypa/pipx) to install the project, so you can run it from anywhere and make things easier.\n\n### Linux\n```\nsudo apt install pipx git\npipx ensurepath\npipx install git+https://github.com/000pp/doom\n```\n\n### MacOS\n```\nbrew install pipx\npipx ensurepath\npipx install git+https://github.com/000pp/doom\n```\n\n### Local\n```\ngit clone https://github.com/000pp/doom.git\npipx install .\n```\n\n### Updating\n```\npipx reinstall doom\n```\n\n## Why?\nDoom was created to help security analysts identify vulnerabilities in certificate templates in an Active Directory environment. Recently, I've seen some posts and talks about false positives in some tools, so why not look at the template manually? Of course, I don't have any problem with these tools or their results; this project is not a war against them or a form of depreciation. It's simply a new way to look at certificate templates.\n\n\u003cbr\u003e\n\n\u003cimg width=\"1514\" height=\"851\" alt=\"image\" src=\"https://github.com/user-attachments/assets/d74eafee-b143-472e-8f5f-d078c2d58ef3\" /\u003e\n\n\u003cimg width=\"1514\" height=\"851\" alt=\"image\" src=\"https://github.com/user-attachments/assets/2603d55c-b725-4c88-beda-ef3cbec6139b\" /\u003e\n\n\u003cimg width=\"1514\" height=\"851\" alt=\"image\" src=\"https://github.com/user-attachments/assets/fd06aed1-0fdd-47b3-b613-8770a88a2de2\" /\u003e\n\n\n## To-Do\n- [ ] Improve TUI\n- [ ] Retrieve more properies from the certificate templates\n- [ ] Enumerate Groups/Users allowed to enroll certificates\n- [x] *Copy more Certipy code*\n\n\u003cbr\u003e\n\n## Credits\nThis tool is totally based on [Certipy's project](https://github.com/ly4k/Certipy). A big shout-out to ly4k and all the maintainers!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F000pp%2Fdoom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F000pp%2Fdoom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F000pp%2Fdoom/lists"}