Kerberos gets used a lot in Windows AD environments to authenticate users over the network, and a lot of us have attacked it with Impacket and Mimikatz etc.
But when you start to look into how it actually works, lots of articles either over simplify things or go the other way and provide too much low level technical info without any context of how that applies to real world scenarios.
So I thought I’d try and cover the authentication process in a few different levels of detail and keep it all related to real world AD scenarios.
Also made a blog post here with all of the diagrams from the video for quick reference: Kerberos Protocol Explained | VbScrub
