No doubt, you’ve heard many times that the NTLM Relay support is about to be disabled in Windows. I’ve heard it many times, too, but it’s mid-2025, and I still encounter NTLM Relay in almost every project. This article discusses relevant NTLM Relay…
CONTINUE READING 🡒 Author: DrieVlad
IP cameras in pentesting. Improper use of security cameras
In the course of a pentesting audit, you can capture an image from a security camera and attach it to your report – just to please the customer. No doubt, such pictures are impressive, but what can be the real impact of attacks targeting cameras? Today I will…
CONTINUE READING 🡒 
Your guide to NTLM relay, Part 2: Delivering relay attacks
NTLM relay attacks aren’t new to pentesters. In most cases, the main prerequisite for a successful relay attack isn’t a vulnerability, but an infrastructure misconfiguration; this is why such attacks are often used in real-life situations. This article discusses relay attacks and techniques used to deliver them…
CONTINUE READING 🡒 
Your guide to NTLM relay: Hijacking NTLM authentication to deliver…
Why NTLM authentication is still present in many infrastructures? The correct answer is: because Windows cannot exist without it. But NTLM authentication is marred by a number of problems that can be exploited by attackers. One of such problems is its vulnerability to relay attacks. This article…
CONTINUE READING 🡒