Pentester's Promiscuous Notebook

Twitter GitHub Blog

README
⚒️Pentest
⚔️Red Team
🐞Exploit Dev
⚙️Admin

Powered by GitBook

On this page

Fake TGT Delegation
Internal Monologue
RemoteMonologue
GSSAPI Abuse

Pentest

Infrastructure

AD

Credentials Harvesting

SSPI

Security Support Provider Interface

Last updated 2 months ago

Fake TGT Delegation

Internal Monologue

RemoteMonologue

GSSAPI Abuse

⚒️

https://github.com/gentilkiwi/kekeo/blob/d3ee2ae2fdeb5581fe2be1d53838f66729c3de16/kekeo/modules/kuhl_m_tgt.c

https://github.com/GhostPack/Rubeus#tgtdeleg

https://github.com/GhostPack/Rubeus/blob/0e57072d27c242fa503d2d3a8b5e3ddb3373cc06/Rubeus/lib/LSA.cs

https://github.com/ly4k/Certipy/blob/2780d5361121dd4ec79da3f64cfb1984c4f779c6/certipy/lib/sspi/kerberos.py

https://xakep.ru/2023/06/14/tgt-delegation/

https://github.com/MzHmO/articles/tree/main/TGT%20Deleg

https://swarm.ptsecurity.com/python-sspi-teaching-impacket-to-respect-windows-sso/

https://gist.github.com/snovvcrash/ff867dbd922ff2c36f480c0a61819f29

https://eladshamir.com/2018/03/19/Internal-Monologue.html

https://github.com/eladshamir/Internal-Monologue

https://xakep.ru/2023/12/08/sspi-hack/

https://github.com/MzHmO/NtlmThief

https://www.ibm.com/think/x-force/remotemonologue-weaponizing-dcom-ntlm-authentication-coercions

https://github.com/3lp4tr0n/RemoteMonologue

https://www.pentestpartners.com/security-blog/a-broken-marriage-abusing-mixed-vendor-kerberos-stacks/

https://github.com/CCob/gssapi-abuse