← LibraryTechnique entry
T1558.005Credential Access
Ccache File Theft
Steal Kerberos credential cache files from a compromised host.
§ Where this technique fits
T1558.005 is catalogued under the Credential Access tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.
Authoritative reference: attack.mitre.org/techniques/T1558/005/.