Search
Category
Tag
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

HackDB

The Ultimate Directory for Offensive Security

Product

Search
Category
Tag

Resources

Pricing
Submit

Pages

Home
Sitemap
Support

Company

About Us
Privacy Policy
Terms of Service

Copyright © 2025 All Rights Reserved.

Home
Category
Infrastructure Security
Kerbrute

Kerbrute

Kerbrute is a tool for bruteforcing and enumerating valid Active Directory accounts via Kerberos pre-authentication.

image of Kerbrute

Introduction

Information

Publisher
Admin
Websitegithub.com
Published date2025/07/06

Categories

Infrastructure Security

Tags

Internal

More Products

image of Impacket

Infrastructure Security

Impacket

Impacket is a collection of Python classes for working with network protocols, providing low-level access to packets and protocol implementation.

image of Impacket

Infrastructure Security

Impacket

Impacket is a collection of Python classes for working with network protocols, focused on low-level packet access and protocol implementation.

image of Rubeus

Infrastructure Security

Rubeus

Rubeus is a C# toolset for raw Kerberos interaction and abuses, heavily adapted from Kekeo and MakeMeEnterpriseAdmin projects.

Bruteforce Internal

Kerbrute

A tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication.

Grab the latest binaries from the releases page to get started.

This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication. It is designed to be used on an internal Windows domain with access to one of the Domain Controllers.

Key features:

User Enumeration: Enumerate valid domain usernames without causing account lockouts.
Password Spray: Perform horizontal password spraying attacks against a list of users.
Brute User: Traditional bruteforce attack against a single username.
Brute Force: Read username and password combinations from a file or stdin and test them.

Use cases:

Identifying valid usernames in an Active Directory environment.
Testing common passwords against a list of users.
Bruteforcing a single user's password.
Validating credentials obtained from other sources.