Golden Ticket

The exploiting-nopac-cve-2021-42278-42287 skill is a practical guide for assessing the noPac chain (CVE-2021-42278 and CVE-2021-42287) in Active Directory. It helps authorized red teamers and Security Audit users check prerequisites, review workflow files, and document exploitability with less guesswork.

detecting-golden-ticket-forgery detects Kerberos Golden Ticket forgery by analyzing Windows Event ID 4769, RC4 downgrade use (0x17), abnormal ticket lifetimes, and krbtgt anomalies in Splunk and Elastic. Built for Security Audit, incident investigation, and threat hunting with practical detection guidance.

conducting-pass-the-ticket-attack is a Security Audit and red-team skill for planning and documenting Pass-the-Ticket workflows. It helps you review Kerberos tickets, map detection signals, and produce a structured validation or report flow using the conducting-pass-the-ticket-attack skill.

conducting-domain-persistence-with-dcsync guide for authorized Active Directory security audit work. Learn install, usage, and workflow notes to assess DCSync rights, KRBTGT exposure, Golden Ticket risk, and remediation steps using the included scripts, references, and report template.