GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks

https://www.gosecure.net/blog/2021/11/22/gosecure-investigates-abusing-windows-server-update-services-wsus-to-enable-ntlm-relaying-attacks/

https://github.com/GoSecure/ldap-scanner