As part of our internal penetration tests, we regularly encounter AD CS (Active Directory Certificate Services) infrastructures deployed on corporate networks.
This component always catches our attention, as inadequate configuration can quickly pave the way for total compromise of the Active Directory domain.