conducting-pass-the-ticket-attack

Fail

Audited by Socket on Apr 7, 2026

2 alerts found:

Security, Malware

Security: MEDIUM
SKILL.md

High-risk offensive security skill. Its capabilities are internally consistent with red-team post-exploitation, but that purpose itself gives an AI agent credential-theft and lateral-movement instructions with real attack impact. Not confirmed malware, but clearly unsafe and inappropriate for general agent use.

Confidence: 95%
Severity: 96%

Malware: HIGH
references/workflows.md

This file is an explicit, operational playbook for Pass-the-Ticket attacks using known offensive tools (Mimikatz, Rubeus, Impacket). It instructs how to extract, convert, inject, and forge Kerberos tickets to impersonate privileged accounts and perform lateral movement and persistence. The content should be treated as malicious: presence of these commands, scripts, or associated binaries in an environment is a high-severity indicator requiring immediate investigation and containment. Monitor for the listed detection indicators and assume compromise if these actions are observed.

Confidence: 75%
Severity: 95%

Audit Metadata
Analyzed At: Apr 7, 2026, 06:48 PM
Package URL: pkg:socket/skills-sh/mukul975%2FAnthropic-Cybersecurity-Skills%2Fconducting-pass-the-ticket-attack%2F@e83b82ecc125502208904d458f4941b008fed3ec