Internal attack vectors covered include:

• Domain Credential Guessing and Cracking
• Broadcast Name Resolution Poisoning
• Local Administrator Attacks using Local Accounts
• Local Administrator Attacks using Domain Accounts
• Stealing Credentials from Memory (Mimikatz)
• Privilege Escalation by Cracking SPN Kerberos Tickets (Kerberoasting)
• Automated Collection of Internal Data and Account Information
• Execution via Trusted Code (Signed Binaries or Scripts)
• Access Token Manipulation
• Exploitation of Remote Software