A penetration tester compromises a Windows OS endpoint that is joined to an Active Directory local environment. Which of the following tools should the tester use to manipulate authentication mechanisms to move laterally in the network?
Rubeus is a post-exploitation tool used for Kerberos abuse, including ticket extraction, pass-the-ticket, ticket renewal, and Kerberoasting. It ' s ideal for lateral movement within Active Directory environments.
WinPEAS is mainly used for local privilege escalation and enumeration.
NTLMRelayX (from Impacket) is useful for relaying NTLM authentication but is not focused on Kerberos.
Impacket is a collection of tools; Rubeus is more targeted for Kerberos attacks.
[Reference: PT0-003 Objective 4.2 – Tools and techniques for lateral movement and manipulating authentication in Windows AD environments., , , , , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit