Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Golden Ticket Attack

Training Camp • Cybersecurity Glossary

What is Golden Ticket Attack?

A Golden Ticket attack forges Kerberos TGTs using the stolen KRBTGT hash, granting attackers persistent full control of an Active Directory domain.

Glossary > Identity & Access Management > Golden Ticket Attack

Understanding Golden Ticket Attack

A Golden Ticket attack is a post-exploitation technique in which an attacker who has compromised the KRBTGT account password hash in an Active Directory domain forges valid Kerberos Ticket-Granting Tickets. These forged tickets grant arbitrary, long-lived access to domain resources with any privileges, effectively giving full domain control. Defenses include protecting domain controllers, regularly rotating the KRBTGT password twice, and monitoring for anomalous ticket lifetimes and encryption types.

Learn More About Golden Ticket Attack:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →