Kerberoast

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Classic Active Directory machine demonstrating GPP credential exposure leading to Kerberoasting and domain compromise.