What tools are commonly used for Pass the Hash on Windows systems?

Common Windows tools for Pass the Hash include `wmiexec.py` from Impacket (e.g., `wmiexec -hashes LMHASH:NTHASH TEST/test1@target whoami`), the PowerShell `Invoke-TheHash` suite (Invoke-WMIExec, Invoke-SMBExec, Invoke-SMBClient), and mimikatz's `sekurlsa::pth` function. These tools allow remote command execution or file manipulation using only the password hash. For additional remote execution methods, see Domain Penetration - Remote Execution via Scheduled Tasks in GPO.