Research
-
Dumping LSASS with bypassing ASR defense mechanism
Intro: Recently, I had a conversation about the Local Security Authority Subsystem Service (LSASS) process and its protection mechanisms. This inspired me to dig deeper into the topic and write this post, focusing on LSASS credential dumping and the various Windows protection mechanisms against it. I will not write a full description of LSASS here,…
-
NTLM authentication & Responder, HOW IT WORKS
Hi there, today’s talk is about the Responder tool. Beforehand, I want to inform you that in this topic I will discuss the basics too. First of all, we should dive deep into the NTLM user authentication process in the Windows environment. Let’s break down the basics of it. Windows doesn’t store your user account password…

