AutoPtT

AutoPtT is a standalone tool designed to automate Pass-the-Ticket (PtT) attacks, offering an alternative to established tools like Rubeus and Mimikatz. Implemented in C++ and Python, it provides a robust solution for red team operations and penetration testing within Active Directory environments.

Key features and use cases include:

• Automated PtT (auto): Streamlines the entire PtT process, automatically dumping and importing Kerberos Ticket Granting Tickets (TGTs) into the current session.
• Session Listing (sessions): Enumerates active logon sessions on a system, similar to klist sessions.
• Current Session Ticket Listing (klist): Displays Kerberos tickets within the current user's session.
• All Session Ticket Listing (tickets): Dumps all Kerberos tickets across all logon sessions, providing functionality akin to Rubeus.exe dump.
• TGT Export (export <LogonId>): Allows for the export of a specific TGT given its LogonId, facilitating offline analysis or transfer.
• Ticket Import (ptt <filename.kirbi>): Imports a Kerberos ticket from a specified file, enabling the use of previously acquired tickets for authentication.

AutoPtT is a valuable asset for security professionals conducting internal network assessments, focusing on credential theft and lateral movement techniques.