Рет қаралды 1,831
One of the first steps in compromising an Active Directory environment is to find valid users. In this video, I provide a detailed guide on how to use Kerbrute to identify valid usernames in Active Directory!
Kerbrute sends TGT requests without pre-authentication to enumerate usernames. A "PRINCIPAL UNKNOWN" error means the username doesn't exist, while a pre-authentication prompt confirms it does. This method avoids login failures and account lockouts, but generates Windows event ID 4768 if Kerberos logging is enabled.
----
Kerbrute: github.com/rop...
Hack Smarter: hacksmarter.org