If allowed, some things I like in my Kali:
rlwrap
gobuster
bloodhound-python
tmux
seclists
*Make sure to set terminal transparency to 0% for the sake of report writing.
I keep forgetting how to use evil-winrm
General use case
evil-winrm -i [IP] -u [USERNAME] -p [PASSWORD]
Useful flags
-S
for SSL
-k [/path/to/key]
and -c [/path/to/cert]
can be used for a key/cert pair instead of conventional username/passwords. Typically requires SSL.
Deploy the sniffa
bloodhound-python -u [USER] -p [PASSWORD] -ns [IP] -d [DOMAIN] --dns-tcp -c all
./SharpHound.exe
or run Rubeus