Which attack specifically exploits reuse of password-derived credentials to gain access?

Study for the WGU ITAS 2142 D830 Introduction to Cryptography Exam. Review flashcards and multiple choice questions with hints and explanations. Get ready for your exam!

Multiple Choice

Which attack specifically exploits reuse of password-derived credentials to gain access?

Explanation:
The idea being tested is how attackers reuse password-derived credentials to gain access. Pass-the-Hash describes stealing the hashed form of a password and using that hash to authenticate to remote services, effectively proving identity without ever needing the plaintext password. This lets an attacker move laterally through a network by reusing the credential material itself across systems that accept the hash for authentication. It’s different from a replay attack, which involves reusing a previously captured valid session or token; in Pass-the-Hash, the attacker uses the credential value (the hash) as the login credential itself, not a reused session. A nonce is a one-time value to prevent replays, and HTTPS is just a secure transport protocol, not an attack targeting credential reuse.

