AS-REP Roasting is the technique that allows retrieving password hashes for users that have this flag set in Active Directory. Additionally, various cybersecurity and hacking tools allow cracking the TGTs harvested from Active Directory. These include Rubeus and Hashcat.
Using a tool like Rubeus, attackers can find the accounts that do not require preauthentication and then extract the ticket-granting ticket (TGT) data for cracking the password offline.
Data can be transformed into a format that can be cracked by an offline tool such as Hashcat, which can use brute force password cracking against the hashes. This process incorporates the use of a dictionary file for brute-force password guessing.