#ntlm

LocalPotato

Another local Windows privilege escalation using a new potato technique.

ShuckNT

Downgrade, convert, dissect and shuck authentication tokens based on the Data Encryption Standard.

msLDAPDump

LDAP enumeration tool implemented in Python3.

LDAP Relay Scan

Check for LDAP protections regarding the relay of NTLM authentication.

Hash Muncher

Grab NetNTLMv2 hashes using ETW with administrative rights on Windows.

dumpcreds

May be used to extract various credentials from running processes.

NTLMRecon

Enumerate information from NTLM authentication enabled web endpoints.

pypykatz

Mimikatz implementation in pure Python.

KeyTabExtract

Extracts Key Values from .keytab files.

RidRelay

Enumerate usernames on a domain where you have no creds by using SMB relay.

l0phtcrack

Crack Windows passwords from hashes.

mimikatz

A little tool to play with Windows security.

Ophcrack

Windows password cracker based on rainbow tables.

evil SSDP

Spoof SSDP replies to phish for credentials and NetNTLM challenge/response.

Burp NTLM Challenge Decoder

Burp extension to decode NTLM SSP headers and extract domain/host information.