kerberoast-attack

Fail

Audited by Socket on Apr 22, 2026

3 alerts found:

Security x2, Malware
Security: MEDIUM
references/hash-cracking.md

This fragment is a highly actionable offensive security guide for Kerberos ticket-hash cracking (Kerberoasting/AS-REP Roasting) using hashcat/John, including optimized attack parameters and an automated Python wordlist generator that writes targeted password candidates to disk. No obfuscated backdoor/persistence or host/network malicious payload is present in the snippet itself, but the end-to-end workflow directly facilitates credential recovery and thus presents a high misuse security risk if present in a software dependency. Review package provenance and accompanying files for any additional executable code beyond this instructional material.

Confidence: 70%, Severity: 85%
Security: MEDIUM
SKILL.md

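SUSPICIOUS. The skill's purpose and capabilities are highly consistent, but it is itself an offensive AD exploitation manual aimed at AI agents, covering credential acquisition, offline cracking, detection evasion and post-exploitation, and it can directly support unauthorized penetration, lateral movement and domain controller takeover. No obvious third-party data-exfiltration endpoint or disguised installer was observed, so it looks more like a high-risk offensive tool than a confirmed malicious implant.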

Confidence: 94%, Severity: 92%
Malware: HIGH
references/advanced-kerberoast.md

This fragment is explicitly malicious offensive content targeting Active Directory Kerberos for credential theft and privilege escalation. It includes operational automation for Kerberos roasting, directory attribute tampering to enable additional attacks, ticket abuse/forgery (S4U/RBCD/Diamond/Silver/Sapphire), offline cracking, and ticket-injection-based secret dumping. There is no benign purpose apparent; if packaged as a dependency, it would represent a severe supply-chain security risk.

Confidence: 90%, Severity: 100%

Audit Metadata
Analyzed At: Apr 22, 2026, 10:11 AM
Package URL: pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fkerberoast-attack%2F@ba87ac0899c5dfc5fb10fee10716c2ce0898934a