Skip to content
/ BSidesRGV2024 Public

A Collection of Powershell One-Liners and functions that can help Blue

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

MatthewGeneNavarro/BSidesRGV2024

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
Kerberoasting_Attacks
Kerberoasting_Attacks
 
 
golden_ticket_attack
golden_ticket_attack
 
 
logs
logs
 
 
Presentation.pptx
Presentation.pptx
 
 
README.md
README.md
 
 

Repository files navigation

BSidesRGV2024

This was a presention on common Kerberos attacks. I started off by doing a deep dive on the Kerberos protocol and displayed a baseline of normal Kerberos behavior. I then demonstrated how defenders could write their own detections to highlight abnormal Kerberos behavior by parsing Windows Event Logs.

Golden Ticket Detection Important Event IDs: 4624: Account Logon 4672: Admin Logon 4678: TGT Request 4769: TGS Request

Kerberoasting Detection Important Event IDs: 4624: Account Logon 4672: Admin Logon 4678: TGT Request 4769: TGS Request

About

A Collection of Powershell One-Liners and functions that can help Blue

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages