exploiting-zerologon-vulnerability-cve-2020-1472

Fail

Audited by Socket on Apr 10, 2026

1 alert found:

Malware (HIGH)
references/workflows.md

This document is a high-risk exploitation playbook for CVE-2020-1472 (Zerologon) that provides actionable steps to reset a DC machine account password to empty, perform DCSync to extract all domain credential hashes (including krbtgt), and obtain full domain compromise via Pass-the-Hash and Golden Ticket techniques. It should be treated as offensive material: if present where not explicitly authorized, consider it a security incident, remove sensitive content, and investigate authorship and intent. If used for authorized testing, enforce strict approvals, monitoring, and immediate restoration procedures.

Confidence: 85%
Severity: 95%

Audit Metadata

Analyzed At: Apr 10, 2026, 08:31 AM
Package URL: pkg:socket/skills-sh/mukul975%2FAnthropic-Cybersecurity-Skills%2Fexploiting-zerologon-vulnerability-cve-2020-1472%2F@bb159565a390a16176a498d442d9dfe6658a7327