pentest-active-directory
Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/0x-professor/pentest-active-directoryWhat This Skill Does
The pentest-active-directory skill is a sophisticated autonomous agent module designed to map, analyze, and validate attack paths within Microsoft Active Directory environments. It focuses on identifying critical misconfigurations and vulnerabilities that commonly lead to privilege escalation or lateral movement. By automating the assessment of complex AD relationships, this skill identifies risks such as Kerberoasting, AS-REP roasting, NTLM relay vulnerabilities, and various forms of dangerous delegation. The skill operates under strict ethical guidelines, ensuring that all reconnaissance and validation actions are mapped against recognized frameworks including PTES, NIST SP 800-115, and MITRE ATT&CK techniques (notably TA0006 and TA0008).
Installation
To integrate this skill into your OpenClaw ecosystem, execute the following command in your terminal:
clawhub install openclaw/skills/skills/0x-professor/pentest-active-directory
Ensure that your environment meets the dependency requirements specified in the references/tools.md file within the source repository at openclaw/skills.
Use Cases
- Security Auditing: Automating the periodic review of domain controller security postures.
- Breach & Attack Simulation: Testing defensive controls by simulating real-world escalation paths against authorized targets.
- Compliance Reporting: Generating canonical findings that align with regulatory requirements, providing clear evidence for remediation efforts.
- Red Team Operations: Efficiently mapping potential movement paths in large, complex enterprise forest topologies.
Example Prompts
- "Perform a dry-run assessment of the domain identified in
scope.jsonto map potential delegation abuse paths." - "Execute the pentest-active-directory skill against the target DC-01.company.local using --i-have-authorization and output the results to the root folder."
- "Analyze the current network environment and identify any accounts susceptible to Kerberoasting, ensuring all findings are saved in the standard finding_schema format."
Tips & Limitations
- Authorization First: Never attempt to execute this skill against a target without verified, written consent. The skill includes a
--dry-runflag which should be used for initial discovery before performing live validation. - Scope Management: Always maintain a strict
scope.jsonfile. The agent is programmed to reject any target that falls outside the defined scope to prevent accidental environmental impact. - Contextual Awareness: While the skill provides autonomous analysis, the output should always be reviewed by a human professional to ensure the findings are contextually relevant to the specific business environment and to prioritize remediation based on risk appetite.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-0x-professor-pentest-active-directory": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, code-execution
Related Skills
agentic-workflow-automation
Generate reusable multi-step agent workflow blueprints. Use for trigger/action orchestration, deterministic workflow definitions, and automation handoff artifacts.
cyber-kev-triage
Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation reporting.
agentic-mcp-server-builder
Scaffold MCP server projects and baseline tool contract checks. Use for defining tool schemas, generating starter server layouts, and validating MCP-ready structure.
cyber-ir-playbook
Build incident response timelines and report packs from event logs. Use for detection-to-recovery reporting, phase tracking, and stakeholder-ready incident summaries.
ml-model-eval-benchmark
Compare model candidates using weighted metrics and deterministic ranking outputs. Use for benchmark leaderboards and model promotion decisions.