AD-ESC9Credential Access

ADCS ESC9 — No security extension

Cert template without security extension lets you authenticate as a different user via UPN mapping.

§ Where this technique fits

AD-ESC9 is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.