Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A Golden Ticket attack forges Kerberos TGTs using the stolen KRBTGT hash, granting attackers persistent full control of an Active Directory domain.
Golden Ticket Attack Definition: A Golden Ticket attack forges Kerberos TGTs using the stolen KRBTGT hash, granting attackers persistent full control of an Active Directory domain.
A Golden Ticket attack is a post-exploitation technique in which an attacker who has compromised the KRBTGT account password hash in an Active Directory domain forges valid Kerberos Ticket-Granting Tickets. These forged tickets grant arbitrary, long-lived access to domain resources with any privileges, effectively giving full domain control. Defenses include protecting domain controllers, regularly rotating the KRBTGT password twice, and monitoring for anomalous ticket lifetimes and encryption types.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →