Kerberos and NTLM Security Vulnerabilities
1. Foundations of Windows Authentication
2. NTLM Protocol Architecture
3. NTLM Security Vulnerabilities
4. Kerberos Protocol Fundamentals
5. Kerberos Security Vulnerabilities
6. Attack Methodology and Lateral Movement
7. Detection and Monitoring
8. Mitigation and Hardening Strategies
NTLM Security Vulnerabilities
Credential Extraction Attacks
LSASS Memory Dumping
Process Memory Access
MiniDumpWriteDump API
Task Manager Method
ProcDump Utility
Privilege Requirements
SAM Database Extraction
Offline Registry Access
Volume Shadow Copy Service
Live System Extraction
Registry Hive Copying
Cached Credential Extraction
MSCache Hash Format
Domain Cached Credentials (DCC)
DCC2 Hash Format
Pass-the-Hash Attacks
Attack Methodology
Hash Acquisition
Authentication Bypass
Session Establishment
Technical Implementation
NTLM Authentication Flow Abuse
Token Manipulation
Process Injection
Attack Tools
Mimikatz
Windows Credential Editor (WCE)
Metasploit Modules
PowerShell Empire
Lateral Movement Techniques
WMI Execution
PsExec-style Tools
Remote Service Creation
NTLM Relay Attacks
Attack Prerequisites
Man-in-the-Middle Positioning
SMB Signing Disabled
Target Service Identification
SMB Relay
NetBIOS Name Service Poisoning
LLMNR Poisoning
Responder Tool Usage
Cross-Protocol Relay
HTTP/HTTPS Relay
Web Application Integration
NTLM over HTTP
Cross-Site Request Forgery (CSRF) Integration
Multi-Relay Attacks
Relay Chain Establishment
Privilege Escalation Through Relay
Hash Cracking Attacks
Offline Brute Force
Dictionary Attacks
Hybrid Attacks
Mask Attacks
Rainbow Table Attacks
Precomputed Hash Tables
Time-Memory Trade-off
LM Hash Vulnerability
Cracking Tools
Hashcat
John the Ripper
Ophcrack
Custom Scripts