jakobfriedl / tgt-monitor-bof
PublicAsync BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.
This is a background monitor for detecting new Kerberos Ticket Granting Tickets in Windows systems' login caches, outputting them in base64 for use in authentication testing.
How It Works
You discover this GitHub tool that keeps an eye out for fresh login passes on Windows machines during security checks.
You follow the simple build guide to prepare the lightweight program on your computer.
With full system access on the Windows computer, you launch the watcher to run quietly.
You decide how often it looks (like every few minutes) and if it should watch everyone or just one user.
The tool runs in the background, scanning regularly for any new login passes without making a fuss.
Suddenly, it notifies you with full details of the new login pass and hands over a ready-to-use encoded copy.
You now have the captured login pass to continue your security testing smoothly and effectively.
Star Growth
Repurpose is a Pro feature
Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.
Unlock RepurposeSimilar repos coming soon.