Skill UI

This technique details how to exploit misconfigurations within Kerberos Constrained Delegation (KCD) in Active Directory. By leveraging S4U2self and S4U2proxy extensions, attackers can impersonate highly privileged users (e.g., Domain Admins) to request service tickets, enabling lateral movement and full domain compromise during authorized red teaming or penetration testing.

Conducts a comprehensive Active Directory penetration test, covering domain enumeration, misconfiguration discovery, and attack path analysis using BloodHound. Techniques include exploiting Kerberos weaknesses (Kerberoasting, AS-REP Roasting) and escalating privileges via DCSync and constrained delegation, culminating in domain compromise demonstration.