# 88 - Pentesting Kerberos

## Kerbrute

To enumerate and Find Valid Usernames we can use Kerbrute

{% code overflow="wrap" %}

````python
```
## kerbrute enumusers command

kerbrute userenum -d <domain-name> --dc <domain-name> <wordlist-path>       # make sure you use different wordlists
kerbrute userenum -d <domain-name> -dc-ip <IP-Address> <wordlist-path>

EXAPMLE:

kerbrute userenum -d scrm.local --dc scrm.local /usr/share/wordlists/kerberos_enum_userlists/A-ZSurnames.txt

kerbrute userenum -d baby.vl --dc baby.vl users.txt
````

{% endcode %}