Last updated 1 month ago
It is NOT recommended to brute force credentials due to account lockout policies that we cannot enumerate on the domain controller.
kerbrute userenum --dc 10.10.253.172 --domain spookysec.local users_to_test.txt --output users_to_test.log
