close menu
Shop Our Merch Report A Breach 1-877-550-4728
Latest
Situational Awareness BOFs for Script Kiddies
March 21, 2023
By Adam Todd in Research
Featured
Looting iOS App’s Cache.db
December 1, 2022
By Drew Kirkpatrick in Application Security Assessment, Mobile Security Assessment, Penetration Testing, Program Assessment & Compliance, Program Development, Research, Security Testing & Analysis
Most Read
The Art of Bypassing Kerberoast Detections with Orpheus
November 17, 2022
By Ben Mauch in Penetration Testing, Purple Team Adversarial Detection & Countermeasures, Red Team Adversarial Attack Simulation, Research, Security Testing & Analysis

Practical Attacks against NTLMv1

September 15, 2022
By Esteban Rodriguez in Penetration Testing, Security Testing & Analysis
1.1      Introduction This blog is meant to serve as a guide for practical exploitation of systems that allow for the NTLMv1 authentication protocol. While NTLMv1 is hardly ever needed anymore, a surprising number of organizations still use it, perhaps unknowingly. There are however some VPN products that still currently instruct their users to downgrade NLTM...

Manipulating User Passwords Without Mimikatz

March 3, 2022
By Esteban Rodriguez in Password Audits, Penetration Testing, Red Team Adversarial Attack Simulation, Security Testing & Analysis, Social Engineering
There are two common reasons you may want to change a user’s password during a penetration test: You have their NT hash but not their plaintext password. Changing their password to a known plaintext value can allow you to access services in which Pass-the-Hash is not an option. You don’t have their NT hash or...

  • Search the blog

  • Search by Author

  • Browse by date

  • Browse by Category

  • Clear Form
3485 Southwestern Boulevard
Fairlawn, OH 44333
1-877-550-4728
  • Follow TrustedSec on Twitter
  • Connect with TrustedSec on LinkedIn
  • Get TrustedSec's RSS feed

Get TrustedSec in your inbox

Sign up to receive the latest in cybersecurity news and resources

    By submitting this form, I agree to receive marketing communications from TrustedSec, which I can unsubscribe from at any time.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    © Copyright 2023 by TrustedSec. All rights reserved.