Kerberoast
Kerberoast provides tools for attacking Microsoft Kerberos implementations. It enables extraction of SPN accounts, ticket acquisition, and cracking of TGS tickets.
Description
Kerberoast is a package containing multiple tools designed for attacking MS Kerberos implementations. It supports enumerating all accounts that are in use as SPNs with built-in MS tools, acquiring tickets from RAM with Mimikatz, cracking with tgsrepcrack, and requesting tickets.
The package includes scripts like GetUserSPNs.ps1 and GetUserSPNs.vbs for SPN enumeration, extracttgsrepfrompcap.py for PCAP processing, kerberoast.py for roasting, kirbi2john.py for John the Ripper conversion, krbroast-pcap2hashcat.py for Hashcat conversion, pac.py for PAC handling, and tgsrepcrack.py for cracking.
These tools are used in penetration testing to target Kerberos service accounts with SPNs, enabling offline cracking of TGS tickets.
How It Works
Kerberoast exploits Kerberos by requesting TGS tickets for SPN accounts; these tickets are encrypted with the service account's password hash. The tools extract SPNs via PowerShell/VBS, repack TGS data from PCAP files or memory dumps (Mimikatz), convert it to cracking formats (Hashcat/John), and crack it using tgsrepcrack.py. The technique relies on the Kerberos TGS-REQ/TGS-REP exchange and on RC4-HMAC encryption of service tickets.
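On the defending side, the RC4-HMAC service tickets described above are logged on domain controllers as Security event 4769. The following detection sketch is an added example, not part of the Kerberoast package; it flags a requester that obtains RC4 tickets for several distinct user-backed services within a short window. The flattened log line format, account names, addresses and threshold are constructed assumptions; only the field names follow event 4769.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RC4_HMAC = 0x17  # etype 23; AES tickets show 0x11 or 0x12 instead
FIELDS = ("time", "TargetUserName", "ServiceName",
          "TicketEncryptionType", "IpAddress", "Status")

# Constructed sample (not real logs): one flattened 4769 record per line.
SAMPLE = """\
2024-05-01T10:00:01 alice@CORP.EXAMPLE svc-sql 0x17 10.0.0.50 0x0
2024-05-01T10:00:04 alice@CORP.EXAMPLE svc-web 0x17 10.0.0.50 0x0
2024-05-01T10:00:09 alice@CORP.EXAMPLE svc-backup 0x17 10.0.0.50 0x0
2024-05-01T10:01:00 bob@CORP.EXAMPLE svc-sql 0x12 10.0.0.61 0x0
2024-05-01T10:02:00 bob@CORP.EXAMPLE svc-web 0x17 10.0.0.61 0x0
2024-05-01T10:03:00 carol@CORP.EXAMPLE WS01$ 0x17 10.0.0.62 0x0
2024-05-01T09:00:00 dave@CORP.EXAMPLE svc-sql 0x17 10.0.0.63 0x0
2024-05-01T09:30:00 dave@CORP.EXAMPLE svc-web 0x17 10.0.0.63 0x0
2024-05-01T10:00:00 dave@CORP.EXAMPLE svc-backup 0x17 10.0.0.63 0x0
"""

def parse(text):
    """Turn the constructed line format into dicts keyed by 4769 field names."""
    return [dict(zip(FIELDS, ln.split())) for ln in text.splitlines() if ln.strip()]

def is_candidate(ev):
    """Successful RC4 service ticket for a non-machine, non-krbtgt service."""
    svc = ev["ServiceName"].lower()
    return (ev["Status"] == "0x0"
            and int(ev["TicketEncryptionType"], 16) == RC4_HMAC
            and svc != "krbtgt" and not svc.endswith("$"))

def find_rc4_bursts(events, window=timedelta(minutes=5), threshold=3):
    """Return [(account, ip, services)] for each requester that obtained RC4
    tickets for >= threshold distinct services inside one sliding window."""
    by_requester = defaultdict(list)
    for ev in filter(is_candidate, events):
        key = (ev["TargetUserName"], ev["IpAddress"])
        by_requester[key].append((datetime.fromisoformat(ev["time"]), ev["ServiceName"]))
    alerts = []
    for (account, ip), hits in sorted(by_requester.items()):
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop requests that fell out of the window
            services = sorted({svc for _, svc in hits[start:end + 1]})
            if len(services) >= threshold:
                alerts.append((account, ip, services))
                break  # one alert per requester is enough
    return alerts
```

The threshold and window need tuning against normal ticket traffic in the environment before this is useful as an alert.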
Installation
sudo apt install kerberoast
Examples
kerberoast -h
GetUserSPNs.ps1
GetUserSPNs.vbs
extracttgsrepfrompcap.py
tgsrepcrack.py
kirbi2john.py
krbroast-pcap2hashcat.py
kerberoast.py