Want to Understand What’s Really Happening on Your Network? Try Kerberos Decryption.
March 6, 2018 | CyberArk Labs | Stephen Lowing
Using Kerberos decryption, it is possible to bridge the gap between attackers and the defenders by providing a real view into active attacks that leverage Kerberos as a means to conceal malicious activity and lateral movement. In a new research whitepaper, CyberArk Labs unveils the potential risk within hidden parts of Kerberos.
To help you better understand Kerberos traffic and illustrate the details in the paper, we have developed a tool called NetRay hosted on github. After you read the whitepaper, we encourage you to download and run this tool and modify as you see fit.
As part of our On the Front Lines webinar series, we have a session on Tuesday, March 6th where we will discuss highlights of this research. To join this webinar or view the recording later, please go to this registration page.
We look forward to your feedback on this research and tool. We hope you’ll share your experiences as you explore your Kerberos encrypted network traffic. Happy Decrypting!