Jan 2 · 4 min read · What is NTLM NTLM is an outdated and insecure authentication protocol that is still surprisingly common in modern Windows environments. While it may “just work,” it also opens the door to some of the most common and devastating Active Directory attac...
Join discussionSep 17, 2025 · 4 min read · Questions: Its suspected by the security team that there was a rogue device in Forela's internal network running responder tool to perform an LLMNR Poisoning attack. Please find the malicious IP Address of the machine. Before solving this, I had to...
Join discussion
Sep 6, 2024 · 6 min read · Introduction to HTB Noxious In this HTB lab, I dive into a real-world network forensics scenario involving an Active Directory network. The setup focuses on identifying and mitigating an LLMNR (Link-Local Multicast Name Resolution) poisoning attack, ...
Join discussion
Jan 24, 2024 · 4 min read · In today's interconnected world, where various applications and services interact seamlessly, encountering authentication protocols like NTLM can present unique challenges. This was precisely my dilemma when I encountered an API service requiring NTL...
Join discussion
Sep 10, 2023 · 2 min read · Introduction My final year project at the University of Malaga (Spain) is the creation of an Active Directory environment for its exploitation. The objective of this project is to highlight the most common attacks that occur in real business environm...
Join discussion