see:

• https://aas-s3curity.gitbook.io/cheatsheet/internalpentest/active-directory/exploitation/exploit-without-account/smb-relay
• https://www.thehacker.recipes/ad/movement/ntlm/relay
• https://www.secureauth.com/blog/we-love-relaying-credentials-a-technical-guide-to-relaying-credentials-everywhere/
• https://luemmelsec.github.io/Relaying-101/