Voleur is a medium Windows box simulating an assumed-breach with low-priv user creds. Crack an encrypted Excel to get creds, use WinRM via password-spraying and DACL abuse, restore an AD user from Recycle Bin, decrypt DPAPI to extract an SSH key for WSL, access mounted `C:\` as root to dump NTDS backups and parse NTDS to obtain a Domain Administrator shell.