NTLM is one of the most iconic and common attacks on Active Directory environments. In this attack, the attacker (Relayer) captures an authentication and pass it to their desired server. This allows them to use the authenticated user’s privileges to perform malicious operations to the attacked server. New vulnerabilities that expose the network to NTLM … Continue reading Why NTLMv1 will always be vulnerable to NTLM Relay attacks