Impacket

exploiting-kerberoasting-with-impacket helps authorized testers plan Kerberoasting with Impacket GetUserSPNs.py, from SPN enumeration to TGS ticket extraction, offline cracking, and detection-aware reporting. Use this exploiting-kerberoasting-with-impacket guide for penetration testing workflows with clear install and usage context.

The exploiting-nopac-cve-2021-42278-42287 skill is a practical guide for assessing the noPac chain (CVE-2021-42278 and CVE-2021-42287) in Active Directory. It helps authorized red teamers and Security Audit users check prerequisites, review workflow files, and document exploitability with less guesswork.

The exploiting-constrained-delegation-abuse skill guides authorized Active Directory testing of Kerberos constrained delegation abuse. It covers enumeration, S4U2self and S4U2proxy ticket requests, and practical paths to lateral movement or privilege escalation. Use it when you need a repeatable guide for penetration testing, not a generic Kerberos overview.

conducting-pass-the-ticket-attack is a Security Audit and red-team skill for planning and documenting Pass-the-Ticket workflows. It helps you review Kerberos tickets, map detection signals, and produce a structured validation or report flow using the conducting-pass-the-ticket-attack skill.

conducting-domain-persistence-with-dcsync guide for authorized Active Directory security audit work. Learn install, usage, and workflow notes to assess DCSync rights, KRBTGT exposure, Golden Ticket risk, and remediation steps using the included scripts, references, and report template.