What is the PEAS tool and what capabilities does it offer for penetration testing?

PEAS (Python Exchange ActiveSync) is an open-source tool built on pyActiveSync that extends functionality to include credential verification, email extraction, and—most critically—file share enumeration and file retrieval. Attackers can use PEAS to list and download files from internal UNC shares, such as `\\dc1\SYSVOL`, simply by authenticating to Exchange ActiveSync. This technique demonstrates how a single compromised mailbox can lead to lateral movement within a domain, as described in the article on Enabling Anonymous Access Shares on Windows Systems.