Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybersecurity_attack_technique
|
| gptkbp:allows |
authentication without password
|
| gptkbp:canBeBypassedBy |
password authentication
|
| gptkbp:category |
post-exploitation technique
lateral movement technique |
| gptkbp:countermeasures |
use of Kerberos
enabling credential guard restricting lateral movement |
| gptkbp:detects |
endpoint detection and response tools
monitoring authentication logs |
| gptkbp:exploits |
gptkb:NTLM_authentication_protocol
|
| gptkbp:firstDescribed |
1997
|
| gptkbp:relatedTo |
gptkb:Mimikatz
hash dumping pass-the-ticket |
| gptkbp:requires |
administrator privileges
hash of user password |
| gptkbp:target |
gptkb:Windows_operating_systems
|
| gptkbp:usedIn |
Windows authentication attacks
|
| gptkbp:bfsParent |
gptkb:CrackMapExec
|
| gptkbp:bfsLayer |
8
|
| https://www.w3.org/2000/01/rdf-schema#label |
pass-the-hash
|