If you're not familiar with Canarytokens, they are web bugs that you can embed into various forms.  From their website:  "You'll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page's image tag, and monitoring incoming GET requests.  Imagine doing that, but for file reads, database queries, process executions or patterns in log files. Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots."

From the Hack the Box website:  "What Are Pro Labs -- Interactive, hands-on, complex scenarios that give players the chance to penetrate enterprise infrastructure and hone their offensive engagement skills. Pick any of our Pro Labs, own it, and get your certificate of completion."

In a past life, I was part of an IT team who did the integrations for mergers & acquisitions.  When we would bring a new company into the fold, we would tie our domains together through Trusts.  Initially, we would just establish the Trust without moving any users into groups.  That's the position we have right here and we're going to abuse this relationship in order to pivot from the child domain to the parent domain.  

We need a couple of tools:  Mimikatz and PowerSploit: