The Hacker Recipes
GitHubTwitterExegolTools
Searchโ€ฆ
Introduction
Active Directory
Reconnaissance
Movement
Credentials
MITM and coerced auths
NTLM
Kerberos
Pre-auth bruteforce
Pass the key
Overpass the hash
Pass the ticket
Pass the cache
Forged tickets
ASREQroast
ASREProast
Kerberoast
Delegations
Shadow Credentials
UnPAC the hash
Pass the Certificate
sAMAccountName spoofing
SPN-jacking
DACL abuse
Group policies
๐Ÿ› ๏ธ Trusts
Built-ins & settings
Netlogon
Certificate Services (AD-CS)
Exchange services
Print Spooler Service
Persistence
Web services
Reconnaissance
Configuration
Accounts and sessions
User inputs
Systems & services
Reconnaissance
Movement
Privilege escalation
Pivoting
๐Ÿ› ๏ธ Physical
Locks
Networking
Machines
Super secret zones
๐Ÿ› ๏ธ Intelligence gathering
CYBINT
OSINT
GEOINT
๐Ÿ› ๏ธ RADIO
RFID
Bluetooth
Wi-Fi
Wireless keyboard/mouse
๐Ÿ› ๏ธ mobile apps
Android
iOS
Powered By GitBook
Pass the cache
This technique is equivalent to pass the ticket. Instead of using Kerberos tickets from, or found on, Windows systems, it's based of UNIX-like formatted tickets that serve the exact same purpose.
Pass the ticket
โ€‹
Previous
Pass the ticket
Next
Forged tickets
Last modified 7mo ago
Copy link