The ultimate Active Directory persistence attack.
Forge Kerberos TGT using the KRBTGT account hash.
Unlimited domain access. Invisible to most defenses. Persistence for 10 years by default.
Kerberos TGT Forging & Domain Persistence
Requires: KRBTGT hash (Domain Admin) β’ Difficulty: High β’ Impact: CRITICAL
π» Desktop Experience Available
View this module on desktop for an interactive Kerberos ticket forging simulation with TGT visualization.
Golden Ticket is the ultimate Active Directory persistence attack. Forge Kerberos TGT (Ticket Granting Ticket) using the KRBTGT account hash. Unlimited domain access. Invisible to most defenses. Persistence for 10 years by default.
Why It's Devastating: KRBTGT hash = skeleton key to entire domain. Valid for 10 years (default TGT lifetime). Survives password resets on user accounts. Detection requires baselining normal Kerberos traffic. Coined by Benjamin Delpy (Mimikatz creator).
Golden Ticket attacks should only be used in authorized penetration testing, red team engagements, or controlled lab environments. Forging Kerberos tickets and unauthorized domain access is illegal under CFAA and equivalent laws worldwide. Always obtain written permission before testing.
Objective: Total Domain Persistence // Tool: Golden Ticket