trust-attacks
•published 2026/03/13
Enumerates Active Directory trust relationships and exploits them for cross-domain and cross-forest privilege escalation. Covers trust enumeration (nltest, PowerView, BloodHound), SID history injection (child domain to forest root via golden/diamond ticket with extra SIDs), inter-realm TGT forging using trust keys, cross-forest trust abuse (SID filtering bypass, RBCD, Kerberoasting via trust account), and PAM trust exploitation (shadow principals in bastion forests).
📦 Install Skill
Command line install
Install directly with the `skills` CLI.
npx skills add blacklanternsecurity/red-run/skills/ad/trust-attacksFile Explorer
No file selected
Select a file to view its content

