Posts tagged: #kerberos

AS-REP Roasting: cracking accounts that skipped Kerberos preauth

How AS-REP roasting lets an unauthenticated attacker pull a crackable krb5asrep hash from accounts with preauth disabled, and how defenders catch it.

6/4/2026

as-rep roastingactive directorykerberoshashcat

Kerberoasting: turning a service ticket into a domain password

How Kerberoasting actually works, why any domain user can do it, and the exact path from a krb5tgs ticket to a cracked service account password with hashcat.

6/4/2026

kerberoastingactive directoryhashcatkerberos