Skip to content
Hash Identifier

Posts tagged: #ntlm

Back to all posts
Finding the right hashcat -m mode (and what to do when you get it wrong)
Hashcat won't autodetect anything. Here is how to pick the correct -m mode, disambiguate look-alike hashes, and read the errors that mean you chose wrong.
hashcathash identificationpassword crackingntlm
What an NTLM hash actually is
NTLM is the MD4 of a UTF-16LE password: unsalted, fast, password-equivalent. How it differs from NetNTLMv2, where it lives, and why length is the only defence.
ntlmhashcatactive directoryhash formats
Pass-the-Hash: authenticating with an NTLM hash you never cracked
Why an NTLM hash is password-equivalent, how pass-the-hash works with Impacket, NetExec and Mimikatz, and the controls that actually stop lateral movement.
pass-the-hashntlmactive directorylateral movement