diff --git a/src/CommonLib/OutputTypes/APIResults/StringArrayRegistryAPIResult.cs b/src/CommonLib/OutputTypes/APIResults/StringArrayRegistryAPIResult.cs
new file mode 100644
index 000000000..a13e1b28e
--- /dev/null
+++ b/src/CommonLib/OutputTypes/APIResults/StringArrayRegistryAPIResult.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace SharpHoundCommonLib.OutputTypes
+{
+ public class StringArrayRegistryAPIResult : APIResult
+ {
+ public String[] Data { get; set; } = Array.Empty();
+ }
+}
\ No newline at end of file
diff --git a/src/CommonLib/OutputTypes/CARegistryData.cs b/src/CommonLib/OutputTypes/CARegistryData.cs
index ece3e1b73..20f7638d0 100644
--- a/src/CommonLib/OutputTypes/CARegistryData.cs
+++ b/src/CommonLib/OutputTypes/CARegistryData.cs
@@ -8,5 +8,6 @@ public class CARegistryData
 public EnrollmentAgentRegistryAPIResult EnrollmentAgentRestrictions { get; set; }
 public BoolRegistryAPIResult IsUserSpecifiesSanEnabled { get; set; }
 public BoolRegistryAPIResult RoleSeparationEnabled { get; set; }
+ public StringArrayRegistryAPIResult DisabledExtensions { get; set; }
 }
 }
\ No newline at end of file
diff --git a/src/CommonLib/Processors/CertAbuseProcessor.cs b/src/CommonLib/Processors/CertAbuseProcessor.cs
index 4da05f191..ea41f2962 100644
--- a/src/CommonLib/Processors/CertAbuseProcessor.cs
+++ b/src/CommonLib/Processors/CertAbuseProcessor.cs
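Review bot: The `Data` initializer in the new StringArrayRegistryAPIResult reads `Array.Empty()` with no type argument, which does not compile in C#; if the page rendering stripped a `<string>` this is only cosmetic, but as shown it should be `public string[] Data { get; set; } = Array.Empty<string>();`. The `string` keyword also matches the other result types in this diff (`public byte[] Value`, `public string FailureReason`) rather than the `String` alias used here. A one-line summary on the class, such as `/// Result of a REG_MULTI_SZ registry read; Data is empty rather than null when the value is absent.`, would tell consumers they can iterate Data without a null check.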
@@ -254,9 +254,10 @@ private RegistryResult GetEnrollmentAgentRights(string target, string caName) public BoolRegistryAPIResult IsUserSpecifiesSanEnabled(string target, string caName) { var ret = new BoolRegistryAPIResult(); + var activePolicy = "CertificateAuthority_MicrosoftDefault.Policy"; var subKey = - $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules\\CertificateAuthority_MicrosoftDefault.Policy"; - const string subValue = "EditFlags"; + $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules"; + const string subValue = "Active"; var data = Helpers.GetRegistryKeyData(target, subKey, subValue, _log); ret.Collected = data.Collected; 
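Review bot: The fallback policy-module name `"CertificateAuthority_MicrosoftDefault.Policy"` is introduced here as a bare literal in a `var`, right next to `const string subValue = "Active";`, and the same literal is repeated as the fallback in DisabledExtensions later in this diff; hoist it to `private const string DefaultPolicyModule = "CertificateAuthority_MicrosoftDefault.Policy";` on the class so the two lookups cannot drift. Because the value read from `Active` is later used as the subkey name under PolicyModules, a short comment on the `const string subValue = "Active";` line, e.g. `// "Active" holds the name of the PolicyModules subkey whose EditFlags are read below`, would spare readers a trip to the CertSvc registry layout. IsUserSpecifiesSanEnabled continues past the end of this hunk.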
@@ -266,17 +267,79 @@ public BoolRegistryAPIResult IsUserSpecifiesSanEnabled(string target, string caN return ret; } - if (data.Value == null) + if (data.Value != null) + { + activePolicy = (string)data.Value; + } + + var subKey2 = + $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules\\{activePolicy}"; + const string subValue2 = "EditFlags"; + var data2 = Helpers.GetRegistryKeyData(target, subKey2, subValue2, _log); + + ret.Collected = data2.Collected; + if (!data2.Collected) { + ret.FailureReason = data2.FailureReason; return ret; } - var editFlags = (int)data.Value; + if (data2.Value == null) + { + return ret; + } + + var editFlags = (int)data2.Value; ret.Value = (editFlags & 0x00040000) == 0x00040000; return ret; } + [ExcludeFromCodeCoverage] + public StringArrayRegistryAPIResult DisabledExtensions(string target, string caName) + { + var ret = new StringArrayRegistryAPIResult(); + var activePolicy = "CertificateAuthority_MicrosoftDefault.Policy"; + var subKey = + $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules"; + const string subValue = "Active"; + var data = Helpers.GetRegistryKeyData(target, subKey, subValue, _log); + + ret.Collected = data.Collected; + if (!data.Collected) + { + ret.FailureReason = data.FailureReason; + return ret; + } + + if (data.Value != null) + { + activePolicy = (string)data.Value; + } + + var subKey2 = + $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules\\{activePolicy}"; + const string subValue2 = "DisableExtensionList"; + var data2 = Helpers.GetRegistryKeyData(target, subKey2, subValue2, _log); + + ret.Collected = data2.Collected; + if (!data2.Collected) + { + ret.FailureReason = data2.FailureReason; + return ret; + } + + if (data2.Value == null) + { + return ret; + } + + var disableExtensionList = (string[])data2.Value; + ret.Data = disableExtensionList; + + return ret; + } + /// /// This function checks a registry setting 
on the target host for the specified CA to see if role seperation is enabled. /// If enabled, you cannot perform any CA actions if you have both ManageCA and ManageCertificates permissions. Only CA admins can modify the setting. @@ -479,4 +542,4 @@ public class CertRegistryResult public byte[] Value { get; set; } public string FailureReason { get; set; } } -} \ No newline at end of file +}
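Review bot: Both new reads cast remote registry data without checking its kind: `activePolicy = (string)data.Value;` and `var disableExtensionList = (string[])data2.Value;` throw InvalidCastException if `Active` is not a REG_SZ or `DisableExtensionList` is a REG_SZ instead of REG_MULTI_SZ, so a misconfigured or hostile CA host aborts the collector instead of producing a result with `FailureReason` set like every other branch in these methods. Pattern-match the values instead, and since the "Active"-to-module resolution is now duplicated verbatim in IsUserSpecifiesSanEnabled and DisabledExtensions, move it into one helper so the two stay in step. The string read from `Active` is also interpolated straight into the second key path, so a value containing a backslash would redirect the lookup to a different subkey; rejecting such names in the helper is cheap. The start of IsUserSpecifiesSanEnabled and the `<summary>` block that this hunk ends in both lie outside the hunk.
```csharp
// Resolve the PolicyModules subkey named by the "Active" value, falling back to the
// Microsoft default when the value is absent. Returns null and sets failureReason
// when the read fails or the value is not a plain module name.
private string GetActivePolicyModule(string target, string caName, out string failureReason)
{
    failureReason = null;
    var subKey =
        $"SYSTEM\\CurrentControlSet\\Services\\CertSvc\\Configuration\\{caName}\\PolicyModules";
    var data = Helpers.GetRegistryKeyData(target, subKey, "Active", _log);
    if (!data.Collected)
    {
        failureReason = data.FailureReason;
        return null;
    }

    switch (data.Value)
    {
        case null:
            return "CertificateAuthority_MicrosoftDefault.Policy";
        case string name when name.IndexOf('\\') < 0:
            return name;
        default:
            failureReason = "PolicyModules\\Active is not a REG_SZ module name";
            return null;
    }
}

// … unchanged: DisabledExtensions up to the DisableExtensionList read …
switch (data2.Value)
{
    case null:
        break;
    case string[] list:
        ret.Data = list;
        break;
    case string single:
        ret.Data = new[] { single };
        break;
    default:
        ret.Collected = false;
        ret.FailureReason = "DisableExtensionList is not a REG_MULTI_SZ value";
        break;
}
return ret;
```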