| Category | Tools / Commands | | --------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | | [[AD Enumeration]] | fping, nmap, smbclient, ldapsearch,<br>rpcclient, enum4linux, [[Kerbrute]], <br>crackmapexec, [[BloodHound]] | | Harvesting & Brute-forcing Tickets | [[Rubeus]] | | [[AS-REP Roasting]] | [[Rubeus]], [[GetNPUsers.py]] | | [[Kerberoasting]] | [[Rubeus]], [[GetUserSPNS.py]] | | [[Pass the Ticket]] | [[Mimikatz]] | | [[Golden & Silver Ticket Attack]] | [[Mimikatz]] | | [[Kerberos Backdoor - Skeleton Key]] | [[Mimikatz]] | | Group Policy Object exploit | [[SharpGPOAbuse]] | | Active Directory Certificate Services exploit | [[Certipy]], [[Certify.exe]] |