Taming Kerberos
Kerberos is a network authentication protocol originally developed at MIT, and it is the single sign-on authentication protocol currently used in Windows Active Directory.
The purpose of this blog post is to pull together some resources from my research into Kerberos. I will add more to it as I go along. At worst it will become a dumping ground for resources on the subject for reference =).
Video
Simple demo of Kerberoasting: https://youtu.be/beRDcvBwTBw
@FireEye’s #StateOFTheHack hosts @cglyer and @itsReallyNick had a good chat with @Carlos_Perez and @gentilkiwi about mimikatz and some interesting bits about golden and silver tickets, check it out: https://youtu.be/ytP64Tpn6MQ
Kerberos & Attacks 101 Webcast from SANS by @TimMedin
Specs / Microsoft Docs
https://web.mit.edu/Kerberos/
http://web.mit.edu/kerberos/krb5-current/doc/
https://kerberos.org/software/tutorial.html
https://docs.microsoft.com/en-us/windows/win32/secauthn/microsoft-kerberos?redirectedfrom=MSDN
https://docs.microsoft.com/en-us/windows-server/security/kerberos/kerberos-authentication-overview
https://thecybersecurityman.com/2017/12/20/kerberos-authentication/
https://docs.microsoft.com/en-us/openspecs/windows_protocols/MS-KILE/
https://www.rfc-editor.org/rfc/rfc4120.txt
Other Resources
https://medium.com/@robert.broeckelmann/kerberos-and-windows-security-kerberos-on-windows-3bc021bc9630
https://medium.com/@robert.broeckelmann/kerberos-and-windows-security-kerberos-v5-protocol-b9c804e06479