Capturing and Relaying NTLM Authentication: Methods and Techniques

Note: This is a cross-post of a blog entry I wrote for Red Cursor. The original can be found here: This blog post »

10 Web Vulnerabilities That You Should Be on the Lookout For

These are some interesting web attacks that I have either found, read about or theorized. They should all work in practice.

1. Unicode Transliteration (Best-Fit Mapping)

Unicode transliteration is the »

Pass-The-Hash with RDP in 2019

There seems to be a common misconception that you cannot Pass-The-Hash (an NTLM hash) to create a Remote Desktop Connection to a Windows workstation or server. This is untrue. Starting »

Windows Credential Management, Logon Sessions and the Double Hop Problem

I wanted to provide a quick overview of Windows credential management in relation to penetration testing, why passwords are not always stored in memory and the Double Hop problem. Windows »