Using Kerberos for Authentication Relay Attacks
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
#kerberos #relay
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
#kerberos #relay
Blogspot
Using Kerberos for Authentication Relay Attacks
Posted by James Forshaw, Project Zero This blog post is a summary of some research I've been doing into relaying Kerberos authentica...
pyKerbrute
Use Python to quickly brute force and enumerate valid Active Directory accounts through Kerberos Pre-Authentication (supports Pass-the-Hash)
https://github.com/3gstudent/pyKerbrute
#ad #kerberos #spray
Use Python to quickly brute force and enumerate valid Active Directory accounts through Kerberos Pre-Authentication (supports Pass-the-Hash)
https://github.com/3gstudent/pyKerbrute
#ad #kerberos #spray
GitHub
GitHub - 3gstudent/pyKerbrute: Use python to perform Kerberos pre-auth bruteforcing
Use python to perform Kerberos pre-auth bruteforcing - 3gstudent/pyKerbrute
How Windows Stops Kerberos Usernames Being Case Sensitive
https://vbscrub.com/2021/11/29/how-windows-stops-kerberos-usernames-being-case-sensitive/
#kerberos #pre_auth #aes_salt
https://vbscrub.com/2021/11/29/how-windows-stops-kerberos-usernames-being-case-sensitive/
#kerberos #pre_auth #aes_salt
Downgrading Kerberos Encryption & Why It Doesn’t Work In Server 2019
How we make Kerberos tickets use weaker encryption, the "TGT delegation trick", and why none of it works if the domain controllers are Windows Server 2019.
https://vbscrub.com/2021/12/04/downgrading-kerberos-encryption-amp-why-it-doesnt-work-in-server-2019/
#kerberos #windows2019 #pentest
How we make Kerberos tickets use weaker encryption, the "TGT delegation trick", and why none of it works if the domain controllers are Windows Server 2019.
https://vbscrub.com/2021/12/04/downgrading-kerberos-encryption-amp-why-it-doesnt-work-in-server-2019/
#kerberos #windows2019 #pentest
ADenum
ADEnum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos.
https://github.com/SecuProject/ADenum
#ad #ldap #kerberos #enumeration #tools
ADEnum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos.
https://github.com/SecuProject/ADenum
#ad #ldap #kerberos #enumeration #tools
KrbRelay
The only public tool for relaying Kerberos tickets and the only relaying framework written in C#.
https://github.com/cube0x0/KrbRelay
#ad #kerberos #relay
The only public tool for relaying Kerberos tickets and the only relaying framework written in C#.
https://github.com/cube0x0/KrbRelay
#ad #kerberos #relay
Relaying Kerberos over DNS using krbrelayx and mitm6
New method of gaining RCE on AD hosts in the same VLAN without credentials or needing NTLM, by abusing Kerberos, DNS and Active Directory Certificate Services.
https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/
#ad #kerberos #relay #mitm6
New method of gaining RCE on AD hosts in the same VLAN without credentials or needing NTLM, by abusing Kerberos, DNS and Active Directory Certificate Services.
https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/
#ad #kerberos #relay #mitm6
dirkjanm.io
Relaying Kerberos over DNS using krbrelayx and mitm6
One thing I love is when I think I understand a topic well, and then someone proves me quite wrong. That was more or less what happened when James Forshaw published a blog on Kerberos relaying, which disproves my conclusion that you can’t relay Kerberos from…