kerberoasting▌
4 indexed skills · max 10 per page
performing-kerberoasting-attack
mukul975/Anthropic-Cybersecurity-Skills · performing-kerberoasting-attack
Kerberoasting is a post-exploitation technique that targets service accounts in Active Directory by requesting Kerberos TGS (Ticket Granting Service) tickets for accounts with Service Principal Names
exploiting-kerberoasting-with-impacket
mukul975/Anthropic-Cybersecurity-Skills · exploiting-kerberoasting-with-impacket
Perform Kerberoasting attacks using Impacket's GetUserSPNs to extract and crack Kerberos TGS tickets for Active Directory service accounts.
detecting-kerberoasting-attacks
mukul975/Anthropic-Cybersecurity-Skills · detecting-kerberoasting-attacks
Detect Kerberoasting attacks by monitoring for anomalous Kerberos TGS requests targeting service accounts with SPNs for offline password cracking.
deploying-active-directory-honeytokens
mukul975/Anthropic-Cybersecurity-Skills · deploying-active-directory-honeytokens
Deploys deception-based honeytokens in Active Directory including fake privileged accounts with AdminCount=1, fake SPNs for Kerberoasting detection (honeyroasting), decoy GPOs with cpassword traps, and fake BloodHound paths. Monitors Windows Security Event IDs 4769, 4625, 4662, 5136 for honeytoken interaction. Use when implementing AD deception defenses for detecting lateral movement, credential theft, and reconnaissance.