Kerberos enables secure network communication in Windows environments. Adversaries can leverage numerous attacks to get their hands on the tickets that make Kerberos work and crack them offline. Once cracked, adversaries use them to accomplish multiple tactics in your environment. Learn detections and mitigations to stop them in their tracks today.
Kerberos is another core technology found in enterprise Windows environments across the globe. At its heart, Kerberos enables secure communication between clients and services on a network. Unfortunately, there have been many vulnerabilities in certain versions of the protocol and misconfigurations make the problem worse. Kerberoasting is possible when either weak hashing algorithms are used in an organization’s Kerberos implementation, or when sufficiently motivated threat actors put enough computing horsepower behind cracking these hashes.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by financially motivated threat group FIN7. Prevent adversaries from accomplishing the tactic of Credential Access in your environment today.
Complete this entire course to earn a Kerberoasting Certificate of Completion