Rubeus
Featured🔥 Offensive Ops · C#
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It's the go-to tool for Kerberos-based attacks in Active Directory environments. Rubeus supports AS-REP roasting, Kerberoasting, unconstrained/constrained/resource-based constrained delegation abuse, S4U ticket requests, ticket extraction and renewal, and golden/silver ticket creation. It can be loaded reflectively in memory, making it a staple of modern AD attack chains.
Use Cases
- Kerberoasting to extract service account hashes
- AS-REP roasting against accounts without pre-auth
- Kerberos delegation abuse for privilege escalation
- Golden and silver ticket forging
- Pass-the-ticket and over-pass-the-hash attacks
Tags
Details
- Category
- 🔥 Offensive Ops
- Language
- C#
- Repository
- GhostPack/Rubeus
Platforms
Alternatives & Comparisons
More in Offensive Ops
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
C/C++Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Certipy
PythonActive Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
PythonAutomatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
C#Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.
BeEF
RubyBrowser Exploitation Framework. Hook browsers via XSS, then pivot into the network using browser-based attacks.