Hunt NTLM information disclosure on Windows
hunt-ntlm-infoskillsetup L2★1,791
elementalsouls/Claude-BugHunter ↗What it does
Exploit NTLM protocol weaknesses: relay, downgrade, hash cracking, MIC bypass
Best for
Lateral movement in Windows domains when Kerberos is unavailable.
Inputs
- · NTLM challenge
- · Target SMB/HTTP endpoint
Outputs
- · Relay payload
- · Cracked NTLM hash
Requires
- · ntlmrelayx
- · hashcat
Preconditions
- · NTLM in use
- · Relay target accessible
Failure modes
- · SMB signing enforced
- · MIC validation enabled
Trust signals
- · Relay proof-of-concept
- · Hash extraction and cracking