SMB

Active Directory machine demonstrating NTLM hash capture through a writable SMB share, Kerberoasting, MSSQL Silver Ticket abuse, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating SMB user enumeration, weak password reuse, writable logon script abuse, and GPO-based privilege escalation.

Active Directory machine demonstrating anonymous LDAP enumeration, password reset abuse, SeRestorePrivilege execution, and manual NTDS extraction.

Active Directory machine demonstrating exposed SMB data, credential reuse, and Backup Operators abuse to dump domain hashes.

Active Directory machine demonstrating LDAP credential capture through a printer admin panel, WinRM access, and Server Operators abuse leading to DCSync.

Active Directory machine demonstrating AS-REP Roasting, BloodHound-driven lateral movement, LSASS credential extraction, and Backup Operators abuse.

Active Directory machine demonstrating NTLM hash capture, SMB abuse, password reuse, IIS pivoting, and SeImpersonatePrivilege escalation.

Active Directory machine demonstrating exposed SMB backups, certificate-based WinRM access, PowerShell history credential discovery, and LAPS abuse.

Azure AD Connect misconfiguration leading to credential extraction and domain compromise.

Classic Active Directory machine demonstrating GPP credential exposure leading to Kerberoasting and domain compromise.