Adversaries may use alternate authentication material, such as password hashes, Kerberos tickets, and application access tokens, to move laterally and bypass access controls.
The MITRE Corporation. (2024). MITRE ATT&CK Enterprise Matrix. https://attack.mitre.org/matrices/enterprise/
