Etiquetas » Ntlm

Dixin's Blog - Use Fiddler with Node.js

[] Dixin’s Blog – Use Fiddler with Node.js Fiddler is an useful HTTP proxy debugger on Windows. It would be nice if it can work with Node.js applications. 120 palabras más


Microsoft Exchange - NTLM Relay

Gaining access to the mailbox of a user during a penetration test or a red team engagement can lead to arbitrary code execution, discovery of sensitive data such as credentials or performing internal Phishing to expand access across the network. 535 palabras más

Red Team

Mitigating Microsoft's June 2019 NTLM Vulnerabilities

Microsoft issued an update yesterday to resolve 2 vulnerabilities within Windows that can be used to allow an attacker to authenticate and run code remotely. 247 palabras más

Security Advice

SMB explained

Full article:


At its most basic, SMB is a protocol to allow devices to perform a number of functions on each other over a (usually local) network. 167 palabras más

Windows Server/Client

Kerberos is not used when you connect to SMB shares by using IP address

When you connect to remote Server Message Block (SMB) services shares by using \\192.x.y.z\share name, Kerberos is not used, and the Internet Protocol (IP) SMB file share access does not use Kerberos. 134 palabras más

Windows Server/Client

SharePoint 2013/2016/2019: Use CSOM in SharePoint Site with multiple authentication schemes


I have a SharePoint site collection which has multiple authentication schemes (say Windows NTLM, Azure AD, Okta, ADFS or any other 3rd party Identity provider) on same URL. 322 palabras más

Sharepoint 2013

Data-tracking Chrome flaw triggered by viewing PDFs

Researchers have spotted an unusual ‘trackware’ attack triggered by viewing a PDF inside the Chrome browser.

Security company EdgeSpot said it noticed suspicious PDFs, which seem to have been circulating since 2017, sending HTTP POST traffic to the tracking site 376 palabras más