MSSQL

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating MSSQL abuse leading to credential leakage and AD CS certificate abuse for full domain compromise.

Azure AD Connect misconfiguration leading to credential extraction and domain compromise.