Kerberos Abuse: A Recap of the Three-Headed Dog

The topic of this presentation will be the most common Kerberos abuses within an Active Directory domain.

I plan on doing the following:

  1. Explain Kerberos and how it’s used within an Active Directory environment
  2. Dive into some of the exploitation vectors of Kerberos
    • AS-REP Roasting
    • Kerberoasting
    • Golden Tickets
    • Silver Tickets
    • Unconstrained Delegation Abuse
  3. Discuss how to detect these activities and how to minimize the risk

I was an Active Duty 17A in the Cyber Protection Brigade for a couple of years before deciding to leave AD and enter the reserves. I was a CND manager, led DCO missions, and this would be my second time talking at a conference. I spoke at a local security conference (South Florida) in February 2020. Then the pandemic hit, and never again. I am passionate about Windows security!