Abstract

This thesis investigates critical cybersecurity vulnerabilities associated with Active Directory Certificate Services (ADCS), emphasizing attack vectors and defense strategies within enterprise environments. It specifically analyzes the known attack scenarios identified as ESC1 through ESC11, and the notable Certifried vulnerability (CVE-2022-26923). To practically illustrate these threats, a detailed laboratory environment using VMware Workstation 17.5 was established, incorporating Kali Linux for offensive testing and Windows Server systems representing a realistic ADCS infrastructure.

Through simulated attack scenarios utilizing the Certipy-ad toolkit, this research clearly demonstrates the significant risks posed by ADCS misconfigurations, ranging from privilege escalation to complete domain compromise. Embracing a Purple Team approach—collaboration between offensive (red) and defensive (blue) teams—enabled real-time detection, immediate feedback on attack effectiveness, and iterative improvements in defensive capabilities.

Moreover, this study outlines comprehensive defensive measures to mitigate the identified vulnerabilities, including strict certificate template hardening, enforcement of CA administrative privilege management, and implementation of continuous monitoring solutions such as the Wazuh SIEM, complemented by meticulous analysis of Windows Event Logs. The iterative Purple Teaming methodology significantly enhanced detection accuracy, response capabilities, and overall resilience against ADCS-related threats.

Details

1010268
Title: A Purple Team Playbook Against Active Directory Certificate Services Attacks
Number of pages: 118
Publication year: 2025
Degree date: 2025
School code: 4463
Source: MAI 87/1(E), Masters Abstracts International
ISBN: 9798290639109
Advisor:
University/institution: University of Piraeus (Greece)
University location: Greece
Degree: M.Sc.
Source type: Dissertation or Thesis
Language: English
Document type: Dissertation/Thesis
Dissertation/thesis number: 32130870
ProQuest document ID: 3252742751
Document URL: https://www.proquest.com/dissertations-theses/purple-team-playbook-against-active-directory/docview/3252742751/se-2?accountid=208611
Copyright: Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Database: ProQuest One Academic