In this workshop, SANS certified instructor Jean-François Maes will walk you through some of the most used NTLM relay attack paths pentesters use to compromise the domain.
We will take a look at:
BEFORE THE WORKSHOP: This workshop requires a large local LAB that must be downloaded prior to the workshop. Download is available here: https://sansurl.com/ntlm-workshop-range
Please note - The VMs are designed to be run on an Intel processor, so M-chip macbooks will not be able to run this lab.
Prerequisites: Some pre-existing knowledge of networking and active directory will be handy, but not required.
Lab Walkthrough to be used with the presentation slides: https://jfmaes-1.gitbook.io/ntlm-relaying-like-a-boss-get-da-before-lunch/
Please note – we will not be able to troubleshoot or support any local access or browser issues.