A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
AD Security Intrusion Detection System
Enumerate information from NTLM authentication enabled web endpoints 🔎
Enable drop-in Windows Single Sign On for popular Java web servers.
Generates malicious LNK file payloads for data exfiltration
Bruteforce HTTP Authentication
A set of prioritized Hashcat .hcmask files intelligently developed from terabytes of password breach datasets and organized by run time.
Expose Microsoft Windows SSPI to Node for SSO authentication.
Identify the accounts most vulnerable to dictionary attacks
本项目是一篇NTLM中高级进阶进阶文章,后续我也会在Github和Gitbook对此文进行持续性的更新NTLM以及常见的协议中高级进阶并计划开源部分协议调试工具,望各位issue勘误。
A nginx module to allow proxying requests with NTLM Authentication.
A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique
ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).