Kerberoasting Revisited

DerbyCon 9.0 - Finish Line

Presented by: Will Schroeder
Date: Saturday September 07, 2019
Time: 13:30 - 14:00
Location: Stable Talks

Kerberoasting has become the red team’s best friend over the past several years, with various tools being built to support this technique. However, by failing to understand a fundamental detail concerning account encryption support, we haven’t understood the entire picture. This talk will revisit our favorite TTP, bringing a deeper understanding to how the attack works, what we’ve been missing, and what new tooling and approaches to kerberoasting exist.

Will Schroeder

Will Schroeder (@harmj0y) is an offensive engineer and red teamer for Specter Ops. He is a co-founder of GhostPack, Empire/Empyre, BloodHound, and the Veil-Framework, developed PowerView and PowerUp, is an active developer on the PowerSploit project, and is a Microsoft PowerShell MVP. He has spoken at a number of security conferences including ShmooCon, DerbyCon, Troopers, BlackHat, DEF CON, BlueHat Israel, and more on topics ranging from domain trust abuse to advanced offensive tradecraft.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats