A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
AD Security Intrusion Detection System
Enable drop-in Windows Single Sign On for popular Java web servers.
Enumerate information from NTLM authentication enabled web endpoints 🔎
Generates malicious LNK file payloads for data exfiltration
Bruteforce HTTP Authentication
Expose Microsoft Windows SSPI to Node for SSO authentication.
A set of prioritized Hashcat .hcmask files intelligently developed from terabytes of password breach datasets and organized by run time.
Identify the accounts most vulnerable to dictionary attacks
本项目是一篇NTLM中高级进阶进阶文章,后续我也会在Github和Gitbook对此文进行持续性的更新NTLM以及常见的协议中高级进阶并计划开源部分协议调试工具,望各位issue勘误。
A nginx module to allow proxying requests with NTLM Authentication.
A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
SMBExec implementation in Nim - SMBv2 using NTLM Authentication with Pass-The-Hash technique
ShuckNT is the script of Shuck.sh online service for on-premise use. It is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).