Theory

Golden certificates usually refer to one of two types of attacks.

• Forge certificate and sign them with the CA cert private key --> Stolen CA

• Modify a template and turn it into a SmartCard template --> Access controls

Most tools (certsync, certipy) and resources refer to the Stolen CA technique when mentioning Golden Certificates. Since Golden Tickets consist in Kerberos tickets forged when knowing the KRBTGT keys, it makes sense to call "Golden Certificate" a technique that consists in forging a certificate when knowing the CA private key.

Resources

An introduction to Golden Certificates

Domain Persistence: Golden Certificate Attack - Hacking ArticlesHacking Articles