Attacker Technique - RC4/DES TGT(Proxiable)+ST Kerberos Tickets Requested (Kerberoasting, Raw)

antmar904 · May 8, 2025, 7:27pm

Hi.

Has anyone else been seeing these alerts? All look to be FP. I wonder if this rule needs tunning?