What is Kerberoasting in Cybersecurity?
Offensive Security
Version 1.0 · Published April 2026 · Last verified April 2026
How is it pronounced?
KUR-bur-OH-sting/ˈkɜːr.bərˈoʊ.stɪŋ/
Kerberos protocol + 'roasting'. KUR-bur-os is the protocol name (from Greek mythology).
An Active Directory attack that extracts service account ticket-granting service (TGS) tickets and cracks them offline. Any authenticated domain user can request TGS tickets for service accounts. Attackers crack the tickets offline to reveal service account passwords, which often carry admin-level privileges.
Why Kerberoasting Matters for Your Cybersecurity Career
Kerberoasting is one of the most effective post-compromise techniques in Windows environments. Penetration testers include Kerberoasting in every Active Directory assessment. SOC analysts monitor for unusual TGS ticket requests that signal Kerberoasting. Security engineers mitigate it by using long, complex service account passwords and managed service accounts.
Which Cybersecurity Roles Use Kerberoasting?
Related Cybersecurity Terms
Related Cybersecurity Certifications
An Active Directory attack that extracts service account ticket-granting service (TGS) tickets and cracks them offline. Any authenticated domain user can request TGS tickets for service accounts. Attackers crack the tickets offline to reveal service account passwords, which often carry admin-level privileges.
Kerberoasting is one of the most effective post-compromise techniques in Windows environments. Penetration testers include Kerberoasting in every Active Directory assessment. SOC analysts monitor for unusual TGS ticket requests that signal Kerberoasting. Security engineers mitigate it by using long, complex service account passwords and managed service accounts.
Cybersecurity professionals who work with Kerberoasting include Penetration Tester, SOC Analyst, Security Engineer. These roles apply Kerberoasting knowledge within the Offensive Security domain.
Sources
Definitions are original explanations written for career development purposes. For authoritative technical definitions, refer to NIST, ISO, or the relevant standards body.
Last verified: April 2026?Report an inaccuracy
Related Resources
Related Cybersecurity Career Guides
Related Cybersecurity Certifications
Was this page helpful?
Get cybersecurity career insights delivered weekly
Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.
Get Cybersecurity Career Intelligence
Weekly insights on threats, job trends, and career growth.
Unsubscribe anytime. More options