Basically Kerberos encripts TGTs which is just a ticket that the Domain Controller provides to the user, with the kerberos hash. The TGS is basically a longer hash afterwards. We present the TGS to be able to use other services without having to provide manual authentication. (NOT AD EXPERT DONT KILL ME :()
python3 GetUserSPNs.py <DOMAIN/username:password> -dc-ip <ip of domain controller > -request
