
whip_lash : hash   24

GitHub - evilmog/ntlmv1-multi: NTLMv1 Multitool
NTLMv1 Multitool

This tool modifies NTLMv1/NTLMv1-ESS/MSCHAPv2 hashes so they can be cracked with DES Mode 14000 in hashcat
hash  hashcat  ntlm  cracking  pentest 
6 weeks ago by whip_lash
GitHub - Coalfire-Research/npk: A mostly-serverless distributed hash cracking platform
NPK lets you leverage extremely powerful hash cracking with the 'pay-as-you-go' benefits of AWS. For example, you can crank out as much as 1.2TH/s of NTLM for a mere $14.70/hr. NPK was also designed to fit easily within the free tier while you're not using it! Without the free tier, it'll still cost less than 25 CENTS per MONTH to have online!

You can go through the entire keyspace of Upper, Lower, Num, Symbol in...

Less than 4 days.*

* NTLM Hash @ 1.89TH/s @ $22/hr

— Tinker ❎ (@TinkerSec) March 22, 2019
hacking  pentesting  security  tools  hash  hashes 
9 weeks ago by whip_lash
SlavaSoft HashCalc - Hash, CRC, and HMAC Calculator
A fast and easy-to-use calculator that allows you to compute message digests, checksums and HMACs for files, as well as for text and hex strings. It offers a choice of 13 of the most popular hash and checksum algorithms for calculations.
hash  hashes  security 
january 2019 by whip_lash
Dumping Domain Password Hashes
There are various techniques that can be used to extract this file or the information that is stored inside it; however, the majority of them use one of these methods:

Domain Controller Replication Services
Native Windows Binaries
hash  activedirectory  pentest 
september 2018 by whip_lash
Love letters from the red team: from e-mail to NTLM hashes with Microsoft Outlook
Even though all it takes to exploit the issue is the ability to send an HTML e-mail, meaning it is possible to use any e-mail client or even a script to automate this attack, in this section we will describe how to achieve this using Microsoft Outlook itself.
responder  outlook  hash  email  pentest 
july 2018 by whip_lash
Practical guide to NTLM Relaying in 2017 (A.K.A getting a foothold in under 5 minutes) // byt3bl33d3r // /dev/random >
This article is going to be talking about what you can do with Net-NTLM in modern windows environments.
hash  ntlm  relay  windows  pentest  security 
june 2018 by whip_lash
SANS Penetration Testing | SMB Relay Demystified and NTLMv2 Pwnage with Python | SANS Institute
But, don't worry. We've got you covered. Until then, it is PYTHON TO THE RESCUE! Two weeks ago, I showed you in my blog post about using a Python version of psexec at It is a Python implementation of psexec that is distributed with the IMPACKET modules. The team writing the IMPACKET module for Python is doing some really awesome work. First of all, the modules they have written are awesome. Beyond that, they have created several example programs that demonstrate the power of their Python modules. Best of all, the SMBRELAYX.PY script that comes with IMPACKET supports NTLMv2! Sweetness, thy name is IMPACKET!
impacket  python  security  smb  relay  ntlm  hash  script  pentest 
june 2018 by whip_lash
SANS Penetration Testing | Modern Web Application Penetration Testing Part 2, Hash Length Extension Attacks | SANS Institute
Favorite tweet:

SANS | #PenTest Blog

Modern Web App Pen Testing Part 2, Hash Length Extension Attacks
by @adriendb (SEC642)


— SANS Pen Test (@SANSPenTest) June 28, 2018
hashextension  hash  webapp  pentest  security 
june 2018 by whip_lash
GitHub - trustedsec/hate_crack: A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
Favorite tweet:

Hey pentesters / redteam folks: if you regularly crack hashes (especially for environments with complex passwords) you owe it to yourself to check out @TrustedSec’s HateCrack - a wrapper for Hashcat that works really, really well.

— Jayme (@highmeh) November 27, 2018
security  hash  hashcat  hashes  pentest 
march 2018 by whip_lash
GitHub - eladshamir/Internal-Monologue: Internal Monologue Attack: Retrieving NTLM Hashes without Mimikatz
The Internal Monologue Attack flow is described below:

Disable NetNTLMv1 preventive controls by changing LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic to appropriate values, as described above.
Retrieve all non-network logon tokens from currently running processes and impersonate the associated users.
For each impersonated user, interact with NTLM SSP locally to elicit a NetNTLMv1 response to the chosen challenge in the security context of the impersonated user.
Restore the original values of LMCompatibilityLevel, NTLMMinClientSec and RestrictSendingNTLMTraffic.
Crack the NTLM hash of the captured responses using rainbow tables.
Pass the Hash.
hash  postexploitation  pentest  security  github 
march 2018 by whip_lash
Public Release of Hate_Crack - Automated Hash Cracking Techniques with HashCat - TrustedSec
Martin Bos covered several of these attacks in a previous post, describing his methodology for cracking the LinkedIn hash dump of 2012. If you don’t know Martin (formerly known as pure_hate), he is a long-standing member of Team Hashcat, has competed in several hash cracking contests, and has an unhealthy obsession with cracking hashes. The sharing of his methodology inspired the creation of this script, so that our team could up their hash cracking game.
hash  hashcat  hashes  pentest 
february 2018 by whip_lash
mitm6 – compromising IPv4 networks via IPv6 | Fox-IT International blog
Running the attack itself is quite straightforward. First we start mitm6, which will start replying to DHCPv6 requests and afterwards to DNS queries requesting names in the internal network. For the second part of our attack, we use our favorite relaying tool, ntlmrelayx. This tool is part of the impacket Python library by Core Security and is an improvement on the well-known smbrelayx tool, supporting several protocols to relay to. Core Security and Fox-IT recently worked together on improving ntlmrelayx, adding several new features which (among others) enable it to relay via IPv6, serve the WPAD file, automatically detect proxy requests and prompt the victim for the correct authentication. If you want to check out some of the new features, have a look at the relay-experimental branch.

To serve the WPAD file, all we need to add to the command prompt is the -wh parameter, and with it specify the host that the WPAD file resides on. Since mitm6 gives us control over the DNS, any non-existing hostname in the victim network will do. To make sure ntlmrelayx listens on both IPv4 and IPv6, use the -6 parameter. The screenshots below show both tools in action, mitm6 selectively spoofing DNS replies and ntlmrelayx serving the WPAD file and then relaying authentication to other servers in the network.

hash  relay  ipv6  mitm  pentest  security 
january 2018 by whip_lash
Researchers Find Trove of 1.4 Billion Breached Credentials - Infosecurity Magazine
This dump aggregates 252 previous breaches, including known credential lists such as Anti Public and, decrypted passwords of known breaches like LinkedIn as well as smaller breaches like Bitcoin and Pastebin sites

passwords  hash  hacking 
december 2017 by whip_lash
