Johann Scheepers, Incident Response Consultant
March 31, 2021
This short paper is a guide to Kerberos-based attacks that exploit legitimate functionality in Active Directory (AD). It includes guidance on how to remediate golden and silver ticket use, reset KRBTGT, and recover fully from domain controller compromise. Written from an incident response perspective, readers will come to appreciate the scale of the risk associated with both types of attack and discover the means with which this risk can be remediated.
What you’ll learn: