Got Persistence via (schtasks, bat schtasks, startup folder)
(screenshot)

---

(link important info in initialenum.md here)

---

# powerup.ps1/sharpup.exe notes.

(screenshot)

---

# kerberoast notes

- [ ] worked via rubeus
- [ ] worked via encrypted rubeus
- [ ] worked via netexec


(screenshot)

---

# password spray notes

worked via (exeasm nefariousspray | inline nefarious spray | powershell tool | other tool)

- [ ] useraspass
- [ ] Seasonyear!
- [ ] Service123!
- [ ] admin
- [ ] Admin
- [ ] Admin123!
- [ ] admin123
- [ ] admin1
- [ ] 1234567
- [ ] Seasonyear
- [ ] seasonyear!
- [ ] seasonyear
- [ ] COMPANYYEAR!
- [ ] COMPANYYEAR
- [ ] November2024!
- [ ] September2024!
- [ ] October2024!
- [ ] COMPANYfoundingyear!
- [ ] COMPANYfoundingyear
- [ ] COMPANYstreetnumber!
- [ ] COMPANYstreetnumber
- [ ] Password
- [ ] P@ssw0rd
- [ ] Password1!
- [ ] Password123!
- [ ] Passwordyear!
- [ ] P@55w0rd
- [ ] Service
- [ ] Service!
- [ ] Serviceyear!

---

# bloodhound notes

- [ ] worked via exeasm sharphound
- [ ] worked via inline sharphound
- [ ] worked via encrypted sharphound
- [ ] worked via rusthound

(notes about intial lateral movement paths)

(screenshot)

---

# portscan notes

- [ ] gathered via cobalt strike portscan
- [ ] host enumeration via cmd
- [ ] gathered via powershell
- [ ] gathered via nmap
- [ ] gathered via other tool (specify here)

(screenshot)

SSH count: 
FTP count:
RDP count:
MSSQL count:
mysql count:
(continue as needed)

---