Summary
This chapter has covered a lot of material. We built out a domain controller with AD, set up a DNS server and a DHCP server, created a file share, and used multiple tools to enumerate, poison traffic, and gain shells. Every one of these topics and tools is deserving of its own book. To be honest, writing about the corporate side after spending a career in the operational technology field does feel a bit like "imposter syndrome." I can certainly reaffirm the importance of practicing gaining access to individual hosts on the corporate network, as no two pentest engagements are alike. You cannot expect to succeed if you don't try harder and round out your skillset. In the next chapter, we will be diving deeper into the network by pivoting through our current lab setup to examine the process level and ultimately end up controlling the physical I/O.
