Workshop: Hands on Kerberos with Tim Medin
Overview
- Course Length: 4 hours
- Support from expert instructors
- Includes a certificate of completion
What You
Can
In this workshop, you’ll get an overview of Kerberos based on a section straight from Red Siege’s Offense for Defense (O4D) course and another excerpt from the new Pen Testing: Beyond the Basics class.
We’ll cover what Kerberos is, and how to attack it. You’d work through a hands on lab exercise involving Kerberoasting (Tim’s baby), the silver ticket attack, and the golden ticket attack.
Syllabus
- Examine how Active Directory and Kerberos work to provide authentication and authorization
- Windows Domain and Kerberos – Nearly every organization uses Active Directory (AD). No penetration testing workshop or course would be complete without a deep dive into identifying issues in AD, and abusing those issues for privilege escalation, lateral movement, and persistence.
- Discuss real world, high-impact attacks used by threat actors to abuse Kerberos, such as
- Kerberoasting
- Silver Ticket Attack
- Golden Ticket Attacks
- Overpass-the-Hash
- Pass-the-Ticket
- Kerberos Delegation Issues
- The workshop includes two hands-on lab exercises
- Kerberoasting and Silver Ticket Attack
- Golden Ticket Attack
Virtual (May 2nd, 2025)
- May 2nd – 11 AM EST – 4 PM EST
System Requirements:
- Just a laptop with a browser (Safari will work, but it is not preferred)
Audience Skill Level:
- Intermediate
Live Training
- Pay What You Can
- Collaborative interaction with Instructor and fellow students through the Antisyphon Discord class channel
- Access to course slides for future reference
- Tips, tools, and techniques that can be applied immediately upon returning to work
- Strengthen your skills by solving challenges within the Antisyphon Cyber Range
- Become part of a community driven to educate and share knowledge
