Useful Links
Computer Science
Cybersecurity
Kerberos and NTLM Security Vulnerabilities
1. Foundations of Windows Authentication
2. NTLM Protocol Architecture
3. NTLM Security Vulnerabilities
4. Kerberos Protocol Fundamentals
5. Kerberos Security Vulnerabilities
6. Attack Methodology and Lateral Movement
7. Detection and Monitoring
8. Mitigation and Hardening Strategies
NTLM Protocol Architecture
NTLM Evolution and Versions
LAN Manager (LM) Protocol
NTLM Version 1 (NTLMv1)
NTLM Version 2 (NTLMv2)
Extended Session Security
Current Status and Deprecation
NTLM Authentication Process
Type 1 Message (Negotiate)
Type 2 Message (Challenge)
Type 3 Message (Authentication)
Challenge-Response Mechanism
Session Key Establishment
NTLM Hash Types
LM Hash
DES-based Algorithm
Case Insensitivity Weakness
14-Character Limitation
Storage Format
NT Hash
MD4-based Algorithm
Unicode Support
Storage Format
Salting Absence
NTLM in Network Protocols
SMB/CIFS Authentication
HTTP NTLM Authentication
LDAP NTLM Authentication
RPC Authentication
NTLM Storage Mechanisms
SAM Database Storage
LSASS Memory Storage
Cached Credentials
Registry Storage Locations
Previous
1. Foundations of Windows Authentication
Go to top
Next
3. NTLM Security Vulnerabilities