THREATOPS
THREAT OPSThreat News › User-to-User Authentication: Down the Rabbit Hole – Part 1

User-to-User Authentication: Down the Rabbit Hole – Part 1

infospecteropsPublished 2026-06-09

<p class="wp-block-paragraph"><em><strong>TL;DR: </strong>This blog post covers Windows internals and how Kerberos user-to-user (U2U) authentication works under the hood versus showing how to execute an attack.</em></p>

<p class="wp-block-paragraph">U2U authentication came into the spotlight after the Active Directory Certificate Services (ADCS), UnPAC-the-Hash, and Shadow Credentials attacks.

MITRE ATT&CK techniques

Original source: https://specterops.io/blog/2026/06/09/user-to-user-authentication-down-the-rabbit-hole-part-1/