Pass-The-Ticket (PtH) is a form of cyber credential theft whereby an attacker uses stolen Kerberos tickets to impersonate a user on a network, bypassing authentication mechanisms and gaining unauthorized access to resources. Adversaries often use this technique to move laterally through an organization’s network to hunt for opportunities to escalate their privileges.