• $ USD
  • € EUR

A Look Inside the Pass-the-PRT Attack

Discover what a Primary Refresh Token is and how cyber-criminals are exploiting it in two different ways to launch Azure Active Directory attacks.

Like an NT hash (AKA NTLM hash) and a Kerberos ticket, a Primary Refresh Token (PRT) can be passed in an attack. Mimikatz author Benjamin Delpy and Dirk-jan Mollema have both released detailed research and code showing how attackers could Pass-the-PRT to perform the lateral movement to the cloud.

Here we take a brief look at what a PRT is and how cyber-criminals could exploit it to launch attacks.

Join us LIVE from 6PM CET on Nov. 23, 2021 for our biggest ever annual cybersecurity webinar feat. Sami Laiho, Michael Grafnetter & Paula Januszkiewicz.

Take this chance to grow your skills in Azure AD security, digital forensics, shadow credential injection attacks, and Privileged Access Workstations.


You may also be interested in:

How can we help you?

Suggested searches

    Search history

      Popular searches:

      Not sure what course to look for?

      Mobile Newsletter Form