Kerberoasting and AS-REP roasting - DCSync for credential harvesting - Golden and Silver ticket attacks - Delegation abuse (constrained, unconstrained, resource-based) - Certificate Services (AD CS) abuse: ESC1-ESC8 attacks - Shadow Credentials and Key Trust attacks