I am not going to add much to this article, I know is not very original but you should go straight into the presentation. It is worth your time if you are looking to understand lateral movement, examples with windows event id’s and Kerberos KDC vulnerability.
https://www.first.org/resources/papers/conf2016/FIRST-2016-105.pdf
One Comment Add yours