kerberos-delegation
OfficialExploit Kerberos delegation for AD privilege escalation.
Software Engineering#delegation#privilege escalation#lateral movement#kerberos#active directory#s4u#rbcd
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps penetration testers identify and exploit misconfigurations in Kerberos delegation within Active Directory environments to gain higher privileges and move laterally.
Core Features & Use Cases
- Enumerate Delegation: Discover Unconstrained, Constrained, and Resource-Based Constrained Delegation (RBCD) settings.
- Exploit Techniques: Leverage TGT harvesting, S4U2Self/S4U2Proxy attacks, and SPN swapping.
- Use Case: After gaining initial access, use this Skill to find a service account with Constrained Delegation and impersonate a high-privilege user to access sensitive network resources.
Quick Start
Use the kerberos-delegation skill to enumerate all unconstrained delegation targets in the current domain.
Dependency Matrix
Required Modules
impacketrubeusbloodyADnetexeckrbrelayxspoolsamplepetitpotamdfscoerceprinterbugdementor.py
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: kerberos-delegation Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#kerberos-delegation Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.