NTLM / Relaying

A common error people do is mix LM, NT, NTLM, Net-NTLM etc. Let's make things clear. There are hashing formats used to store user passwords: LM, NT. And there are authentication protocols used to authenticate users to remote resources: LM, NTLMv1, and NTLMv2.

• LM hash and NT hash will refer to the hashing formats
• LM, NTLM(v1), and NTLMv2, will refer to the authentication protocols
• LMv1 and LMv2 are response formats that clients return when responding to NTLM_CHALLENGE NTLMv1 and NTLMv2 messages, respectively.

Yes.. this is confusing, but hey go tell this to Microsoft 😤

https://github.com/noraj/haiti

A CLI tool (and library) to identify hash types (hash type identifier).

https://github.com/c6fc/npk

NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3. It was designed for easy deployment and the intuitive UI brings high-power hash-cracking to everyone.