Kerbrute
Basic tool information
Name of the tool
Kerbrute
Purpose/functionality description
A tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication. Kerbrute can bruteforce kerberos in a really fast way, discovering thousands of valid users in seconds. It also automatically performs AS-REP roasting while bruteforcing usernames.
Project website
https://github.com/ropnop/kerbrute
Repository URL
https://github.com/ropnop/kerbrute
License
Apache 2-0
Technical details
Programming language(s) used
Golang
Dependencies required
Golang, go-logging, gokrb5, cobra, testify, check.v1, crypto
Installation method (source compilation, binary package, etc...)
source compilation
Integration information
How the tool fits into the ParrotOS ecosystem
Can be installed anywhere, but a debian package would likely install it into /usr/bin
Why it would benefit ParrotOS users
Kerbrute is often used when attacking active directory. Mostly for its userenum and passwordspray functionality. As kerbrute uses pre-auth to perform its functions, it becomes a way faster tool to perform bruteforcing attacks, moreover, it can also be a stealthier way since it doesn't trigger login failure logs on default configuration. Kerbrute is also used very often on Hackthebox
Documentation
User documentation or manual
There is no wiki, but the project documentation can be found at the following link.
Installation instructions
- Clone the repository:
go get github.com/ropnop/kerbrute- Build
make all Maintenance commitment
Contact information for the developer/maintainer
- Name: Ronnie Flathers
- Email: rflathers@gmail.com
- GitLab/GitHub: ropnop
Has it been tested on ParrotOS?
Yes, ParrotOS 6.4