Skip to content

gam4er/FindGT

Repository files navigation

Windows Token Anomaly Detector for Golden Tickets

Overview

This Proof-of-Concept (PoC) project aims to identify anomalies in user session tokens that have been authorized using Golden Tickets on Windows PCs. This can serve as a valuable asset in security audits and anomaly detection.

Features

  • Detects inconsistencies in Security Identifiers (SIDs)
  • Analyzes Privilege Attribute Certificate (PAC)

Acknowledgments

A significant amount of code in this project has been borrowed from the Koh project by GhostPack. Special thanks to the creators and contributors of Koh for their valuable work.

License

This project is entirely free and open-source. Feel free to use, modify, and distribute as you see fit. Please note that this software comes with no warranty.

About

PoC Windows Token Anomaly Detector

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages