Azure AD Kerberos is a new modification of the legacy Kerberos protocol, and was developed by Microsoft to enable IaaS workloads in Azure to authenticate directly to Azure AD instead to a legacy AD as they did until now. However, our research disclosed that some of the critical Kerberos weaknesses are still present in the new Entra ID (formerly Azure AD).
In this research you can learn how we have modified the Kerberos Pass the Ticket and Silver Ticket techniques to develop the new Bounce the Ticket and Silver Iodide that can be used against Azure AD Kerberos.