Red Teaming/Active Directory

Golden Ticket

Forging Kerberos TGTs for ultimate persistence.

Overview

A Golden Ticket is a forged Ticket Granting Ticket (TGT). If an attacker gets the NTLM hash of the KRBTGT account, they can create valid TGTs for any user, providing domain admin access.

Forging the Ticket

powershell

mimikatz # kerberos::golden /user:Administrator /domain:lab.local /sid:S-1-5-21-... /krbtgt:HASH /id:500

Continue Learning

AS-REP Roasting

Learn the next step in Active Directory attacks: targeting users without Kerberos pre-authentication enabled.

Golden Ticket Attack

Master the ultimate persistence technique by forging Kerberos Ticket Granting Tickets (TGTs).

Join Us. Cut Costs.
Focus on What Matters.

Unlock high-impact penetration testing that drives real security gains. Led by experts, tailored for results, and designed to stay budget-friendly.

Submit Info

Share your environment, scope, or compliance needs via our quick form.

Senior Review

A lead RadiumFox engineer reviews and tailors your assessment—no junior handoffs.

Optional Scoping Call

We'll clarify priorities and technical details if needed.

Clear Quote

Expect a fixed-cost proposal—no hidden fees or fluff.

Fast Kickoff

Once approved, most projects launch within 5–7 business days with full support.