[ad] The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and […]
hacking-windows
TSGrinder – Brute Force Terminal Services Server
This is a tool that has been around quite some time too, it’s still very useful though and it’s a very niche tool specifically for brute forcing Windows Terminal Server. TSGrinder is the first production Terminal Server brute force tool, and is now in release 2. The main idea here is that the Administrator account, […]
fgdump 2.1.0 and pwdump 1.7.1 Released – Dump LanMan & NTLM Hashes
[ad] The major change is both tools now support 64-bit targets! Good news for us. pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on XP SP2 and […]
Sandman – Read the Windows Hibernation File
[ad] This is a pretty new tool and a very cool one, Hibernation is a fairly new feature for Windows so it’s good to see a new tool targeting that. Microsoft provides a feature called Hibernation also know as suspend to disk that aims to save the system state into an undocumented file called hiberfil.sys. […]
Pass-The-Hash Toolkit v1.3 is Available for Download
[ad] The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and […]