NTLM relay

GPTKB entity

Statements (24)
Predicate Object
gptkbp:instanceOf cybersecurity attack technique
gptkbp:can_be_performed_over gptkb:HTTP
gptkb:LDAP
gptkb:MSSQL
gptkb:SMB
gptkb:RDP
gptkbp:detects network monitoring
SIEM tools
gptkbp:enables unauthorized access
gptkbp:exploits challenge-response authentication
lack of message integrity
gptkbp:firstDescribed 2001
https://www.w3.org/2000/01/rdf-schema#label NTLM relay
gptkbp:mitigatedBy disabling NTLM
enabling LDAP signing
enabling SMB signing
using Extended Protection for Authentication
gptkbp:relatedTo gptkb:pass-the-hash_attack
man-in-the-middle attack
gptkbp:supportsProtocol gptkb:NTLM
gptkbp:target Windows authentication
gptkbp:bfsParent gptkb:Impacket
gptkb:CrackMapExec
gptkbp:bfsLayer 7