In what real‑world penetration testing scenarios might an attacker want to trigger a BSOD to force a system reboot?

During penetration tests, forcing a reboot is useful after deploying a Password Filter DLL, enabling Wdigest authentication, or restarting a domain controller to apply changes. The techniques in the Analysis of Exploitation Techniques for Triggering BSOD by Terminating Processes provide a reliable method to crash the system, which then forces a reboot. Similar concepts are explored in articles like Penetration Techniques - From Exchange File Read/Write Permissions to Command Execution, where triggers are needed for post‑exploitation steps.