impacket guide
psexec | smbexec | wmiexec
secretsdump (dumps SAM / DCSync)
GetNPUsers
AS-REP Roasting (users with Kerberos pre-authentication disabled)
GetUserSPNs
Requesting TGTs for services to get all hashes
msf:
use auxiliary/gather/get_user_spns
Last updated
Was this helpful?