Your guide to NTLM relay, Part 2: Delivering relay attacks

Date: 27/01/2025

NTLM relay attacks aren’t new to pentesters. In most cases, the main prerequisite for a successful relay attack isn’t a vulnerability, but an infrastructure misconfiguration; this is why such attacks are often used in real-life situations. This article discusses relay attacks and techniques used to deliver them – assuming that you have already hijacked NTLM authentication.
Read full article →

Your guide to NTLM relay: Hijacking NTLM authentication to deliver a relay attack

Date: 24/01/2025

Why NTLM authentication is still present in many infrastructures? The correct answer is: because Windows cannot exist without it. But NTLM authentication is marred by a number of problems that can be exploited by attackers. One of such problems is its vulnerability to relay attacks. This article discusses authentication hijacking techniques enabling you to deliver a relay attack.
Read full article →