Okay, now to my actual question. If you've noticed, all of the above tools are local and/or single-target tools. I've never tried taking over a network or out-of-LAN servers. Lately I've done a bit of research and familiarized myself with the basic concepts of network pentesting (such as first taking over a client, then trying to elevate yourself to admin & domain admin by passing hashes, finding exploits in some machines, etc.). It sounds easy, but with no experience in this field I'm really quite overwhelmed.
What I'm asking is that you, as pros (I'm assuming), could maybe list your workflow and tools on how you might take over a network. In my scenario, I have a domain of Win XP virtual machines connected through a LAN.
All answers and advice greatly appreciated. Sorry if my question is not that high quality, I'd just like to know how professionals work and learn from them. Thank you!