Big Picture In this scenario you are on a pen test for a company that uses Windows Active Directory and Kerberos to store their resources. Let’s say that you’ve gotten into a windows computer. This could be a workstation or server command line interface that you were able to log in with a user’s basic credentials that doesn’t have any …

Big Picture Let’s say that you’ve gotten into a Windows workstation for a company during a pen test. How would you gather other logins for users with more privileged access? How can you find stored passwords or fudge authentication requests to move along a network and find even more goodies? These are some tools I found that can help you …