impacket-mssqlclient

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating MSSQL abuse leading to credential leakage and AD CS certificate abuse for full domain compromise.