Kerberoasting

An Active Directory attack that extracts service account ticket-granting service (TGS) tickets and cracks them offline. Any authenticated domain user can request TGS tickets for service accounts. Attackers crack the tickets offline to reveal service account passwords, which often carry admin-level privileges.

Definição editorial da DecipherU. Para definições técnicas autoritativas, consulte NIST, ISO, ou o órgão normativo correspondente.