Blog Post

Microsoft Security Community Blog
3 MIN READ

Detecting LDAP based Kerberoasting with Azure ATP

Tal Maor's avatar
Tal Maor
Icon for Microsoft rankMicrosoft
Apr 17, 2019
In a typical Kerberoasting attack, attackers exploit LDAP vulnerabilities to generate a list of all user accounts with a Kerberos Service Principal Name (SPN) available. Once successful at listing th...
Updated May 11, 2021
Version 5.0