Merge pull request #258 from andrePKI/patch-1

Added description about ESC

Author: jakehildreth

Docs/Locksmith.md

@@ -10,6 +10,11 @@ Locale: en-US
 ## Description
 A small tool to find and fix common misconfigurations in Active Directory Certificate Services.
 
+## Escalation paths
+ESC1, ESC2, etc., refer to a series of Active Directory Certificate Services (AD CS) escalation paths, originally documented by Will Schroeder and Lee Christensen in their landmark 2021 research on abusing AD CS titled "Certified Pre-Owned".
+
+These ESC* vulnerabilities are not software vulnerabilities in the traditional sense (like CVEs), but rather misconfigurations or abuse paths that attackers can use to escalate privileges or persist in an environment using AD CS.
+
 ## Locksmith Cmdlets
 ### [Invoke-Locksmith](Invoke-Locksmith.md)
 A small tool to find and fix common misconfigurations in Active Directory Certificate Services.