RunasCs

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Windows machine demonstrating phishing through a malicious LibreOffice document, IIS web root abuse, SeImpersonatePrivilege, and local administrator access through GodPotato and RunasCs.