What is AS-REPRoasting and how does it work?

AS-REPRoasting is a domain penetration technique similar to Kerberoasting that targets users with the 'Do not require Kerberos preauthentication' option enabled. By sending an AS-REQ to the domain controller, an attacker can extract a ticket that contains the user's password hash, which can then be cracked offline with tools like hashcat to recover the plaintext password.