Kerbrute
A tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication.
Grab the latest binaries from the releases page to get started.
This tool is designed to assist in quickly bruteforcing valid Active Directory accounts through Kerberos Pre-Authentication. It is designed to be used on an internal Windows domain with access to one of the Domain Controllers.
Key features:
- User Enumeration: Enumerate valid domain usernames without causing account lockouts.
- Password Spray: Perform horizontal password spraying attacks against a list of users.
- Brute User: Traditional bruteforce attack against a single username.
- Brute Force: Read username and password combinations from a file or stdin and test them.
Use cases:
- Identifying valid usernames in an Active Directory environment.
- Testing common passwords against a list of users.
- Bruteforcing a single user's password.
- Validating credentials obtained from other sources.
