Posts tagged: #pass-the-hash

NTLM is the MD4 of a UTF-16LE password: unsalted, fast, password-equivalent. How it differs from NetNTLMv2, where it lives, and why length is the only defence.

6/4/2026

ntlmhashcatactive directoryhash formats

Pass-the-Hash: authenticating with an NTLM hash you never cracked

Why an NTLM hash is password-equivalent, how pass-the-hash works with Impacket, NetExec and Mimikatz, and the controls that actually stop lateral movement.

6/4/2026

pass-the-hashntlmactive directorylateral movement