AD Overview (Decepticon)

What it does

This skill collects and documents a set of Active Directory offensive playbooks and workflows used by red-team automation agents. It provides step-by-step guidance for ingesting BloodHound data, identifying Kerberoast and AS-REP targets, auditing ADCS templates, performing DCSync checks, and extracting LAPS secrets. The content is aimed at automated attack-chain planning and tooling integration.

When to use it

Use this skill when planning or automating Active Directory post-exploitation or red-team operations that require enumerating domain relationships, identifying privileges and sensitive principals, or preparing Kerberoasting/AS-REP campaigns. It activates on AD-focused tasks such as "run BloodHound ingest", "find Kerberoast targets", or "check for DCSync-prone principals."

What's included

• Scripts: none bundled in the skill folder (has_scripts=false) — references in the body show example bash/tool commands (bloodhound-python, certipy).
• References: no separate references folder (has_references=false).
• Instructions: the SKILL.md contains playbooks, an ordered workflow (collect → ingest → check → plan), and example knowledge-graph operations to tag crown-jewel nodes.

Compatible agents

Likely compatible with red-team/automation agents that expose shell and scripting tools (bash, Certipy, BloodHound ingest). Compatible agent types: autonomous hacking agents, CLI-based LLM agents, and tools that can call system commands.