Secondary Categories: 02-Initial Access
Description:
There are some applications that allow for users or applications such as browser authenticate over HTTP using NTLM. In order to find thes application we can use a tool such as NTLMRecon to find endpoints to try a password spray against the endpoints.
NTLM Recon outputs a CSV list of the endpoints it identified that can be passed to SprayCharles for attempting to gain access to a account
Resources:
Title | URL |
---|---|
NTLMRecon | https://github.com/pwnfoo/NTLMRecon |
SprayCharles | https://github.com/Tw1sm/spraycharles |
Password Spraying | https://www.sprocketsecurity.com/blog/how-to-bypass-mfa-all-day |
Also Check Out:
- PLACEHOLDER