Accessing iSCSI storage targets.
Using DumpGuard to extract NTLM credentials from Credential Guard.
Determining which virtualisation based security features are enabled.
Attacking Network File System shares.
Using Local LLM’s to perform NMap scans.
Exploiting PowerShell JEA configurations.
Exploiting dMSA accounts to become domain administrator.
Intercepting and cracking AS-REQ & AS-REP packets.
Assuming machine account identities.
Attacking 802.1x port authentication.
Exploiting Cisco IOS Extended Edition.
Exploiting dynamic DNS updates.