PRIMARY CATEGORY → KERBEROS RELAY
Theory
User Account
Unauthenticated through DHCPv6 to DNS Spoofing (mitm6) or via LLMNR, NBT-NS or mDNS Spoofing
Authenticated - Computer Account
Authenticated → Coercion must be carried out
Resources
Synacktiv: Abusing Multicast Poisoning for Pre-Auth Kerberos Relay over HTTP