NTLM - Pass The Hash - Lateral movement
Why Crack When You Can Pass the Hash?
https://www.sans.org/reading-room/whitepapers/testing/crack-pass-hash-33219
Abusing Kerberos
https://www.blackhat.com/docs/us-14/materials/us-14-Duckwall-Abusing-Microsoft-Kerberos-Sorry-You-Guys-Don't-Get-It-wp.pdf
https://github.com/gentilkiwi/mimikatz
https://en.wikipedia.org/wiki/NT_LAN_Manager
Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft
(FONDAMENTALE E CHIARISSIMO)
https://www.microsoft.com/en-us/download/details.aspx?id=36036
Microsoft: Defending Against Pass-The-Hash Attacks
https://www.microsoft.com/security/sir/strategy/default.aspx#!password_hashes
https://www.microsoft.com/security/sir/strategy/default.aspx#!pass_the_hash_defenses
NT LAN Manager (NTLM) Authentication Protocol
https://www.sans.org/reading-room/whitepapers/testing/crack-pass-hash-33219
Abusing Kerberos
https://www.blackhat.com/docs/us-14/materials/us-14-Duckwall-Abusing-Microsoft-Kerberos-Sorry-You-Guys-Don't-Get-It-wp.pdf
https://github.com/gentilkiwi/mimikatz
https://en.wikipedia.org/wiki/NT_LAN_Manager
Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft
(FONDAMENTALE E CHIARISSIMO)
https://www.microsoft.com/en-us/download/details.aspx?id=36036
Microsoft: Defending Against Pass-The-Hash Attacks
https://www.microsoft.com/security/sir/strategy/default.aspx#!password_hashes
https://www.microsoft.com/security/sir/strategy/default.aspx#!pass_the_hash_defenses
NT LAN Manager (NTLM) Authentication Protocol
https://msdn.microsoft.com/en-us/library/cc236621.aspx
(specifica del protocollo; complicatissima)
Unofficial Guide to Mimikatz
https://adsecurity.org/?p=2207
How Attackers Extract Credentials (Hashes) From LSASS
https://adsecurity.org/?p=462
(specifica del protocollo; complicatissima)
Unofficial Guide to Mimikatz
https://adsecurity.org/?p=2207
How Attackers Extract Credentials (Hashes) From LSASS
https://adsecurity.org/?p=462
