Glossary

PASS THE TICKET
defined.

The Kerberos equivalent of pass-the-hash — reusing a TGT or service ticket extracted from one host to authenticate as that user elsewhere.

A–Z

What is Pass the Ticket?

Extracted via Mimikatz from LSASS or via Rubeus from Kerberos cache. Defence focuses on detection (TGS-REQ from anomalous source) and credential hygiene (short TGT lifetimes, no Tier 0 logins on user endpoints).

Related terms.

Pass the Hash
Kerberoasting
Golden Ticket
Lateral Movement

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.

Test for this in your stack

BOOK A FREE
scoping call.

30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.

Book Free Scoping Call →All Services

PASS THE TICKETdefined.

What is Pass the Ticket?

Related terms.

Where this shows up.

BOOK A FREEscoping call.

PASS THE TICKET
defined.

BOOK A FREE
scoping call.