Always Stay Ahead!

Kerberos authentication is one of the cores of the AD, knowing how it works facilitates the deep understanding of many attacks.

In order to understand attacks such as Pass the hash, relaying, Kerberos attacks, one should have pretty good knowledge about the windows Authentication / Authorization process.
That’s what we’re going to achieve in this series.
In this part we’re discussing the different types of windows hashes and focus on the NTLM authentication process.

  Part of an upcoming series trying to shed the light on attacks targeting Microsoft Kerberos implementation in Active Directory …