mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-26 03:34:37 +03:00
mukul975
25 lines
847 B
Markdown
25 lines
847 B
Markdown
# Standards and References - Constrained Delegation Abuse
|
|
|
|
## MITRE ATT&CK References
|
|
|
|
| Technique ID | Name | Tactic |
|
|
|-------------|------|--------|
|
|
| T1558.003 | Steal or Forge Kerberos Tickets: Kerberoasting | Credential Access |
|
|
| T1550.003 | Pass the Ticket | Lateral Movement |
|
|
| T1134.001 | Token Impersonation/Theft | Privilege Escalation |
|
|
| T1078.002 | Valid Accounts: Domain Accounts | Persistence |
|
|
|
|
## Key Research
|
|
|
|
- ired.team: Kerberos Constrained Delegation abuse
|
|
- HackTricks: Constrained Delegation methodology
|
|
- GuidePoint Security: Delegating Like a Boss
|
|
- ManageEngine: Constrained delegation attacks explained
|
|
- SpecterOps: Delegation abuse research
|
|
|
|
## Tools
|
|
|
|
- Rubeus: https://github.com/GhostPack/Rubeus
|
|
- Impacket getST.py: https://github.com/fortra/impacket
|
|
- PowerView: https://github.com/PowerShellMafia/PowerSploit
|