b17zr / Ntlm_challenger
Licence: mit
Parse NTLM challenge messages over HTTP and SMB
Stars: ✭ 106
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Ntlm challenger
Badkarma
network reconnaissance toolkit
Stars: ✭ 353 (+233.02%)
Mutual labels: reconnaissance, information-gathering
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+5725.47%)
Mutual labels: reconnaissance, information-gathering
Phoneinfoga
PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+5491.51%)
Mutual labels: reconnaissance, information-gathering
DaProfiler
DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Stars: ✭ 58 (-45.28%)
Mutual labels: information-gathering, reconnaissance
Social Analyzer
API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+7870.75%)
Mutual labels: reconnaissance, information-gathering
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-18.87%)
Mutual labels: information-gathering, reconnaissance
Sherlock
🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+26851.89%)
Mutual labels: reconnaissance, information-gathering
lazyGrandma
a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves
Stars: ✭ 49 (-53.77%)
Mutual labels: information-gathering, reconnaissance
Sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+559.43%)
Mutual labels: reconnaissance, information-gathering
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+6392.45%)
Mutual labels: reconnaissance, information-gathering
phomber
Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-44.34%)
Mutual labels: information-gathering, reconnaissance
Github Recon
GitHub Recon — and what you can achieve with it!
Stars: ✭ 47 (-55.66%)
Mutual labels: reconnaissance, information-gathering
querytool
Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-1.89%)
Mutual labels: information-gathering, reconnaissance
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+3099.06%)
Mutual labels: reconnaissance, information-gathering
sherlock
🔎 Find usernames across social networks
Stars: ✭ 52 (-50.94%)
Mutual labels: information-gathering, reconnaissance
Gasmask
Information gathering tool - OSINT
Stars: ✭ 518 (+388.68%)
Mutual labels: reconnaissance, information-gathering
Recon-X
Advanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-74.53%)
Mutual labels: information-gathering, reconnaissance
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+33.96%)
Mutual labels: information-gathering, reconnaissance
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (+432.08%)
Mutual labels: reconnaissance, information-gathering
Eyes
👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-64.15%)
Mutual labels: reconnaissance, information-gathering
NTLM Challenger
ntlm_challenger will send a NTLM negotiate message to a provided HTTP or SMB endpoint that accepts NTLM authentication, parse the challenge message, and print information received from the server.
Requirements
ntlm_challenger supports Python 3.
The requests
library is used to make HTTP(S) requests. impacket
is used to set up the SMB connection.
Usage
Send NTLM negotiate message to the provided URL and parse the challenge message.
python3 ntlm_challenger.py <URL>
HTTP Example:
$ python3 ntlm_challenger.py 'https://autodiscover.hackin.club/autodiscover/'
Target (Domain): HACKIN
Version: Server 2012 / Windows 8 (build 9200)
TargetInfo:
MsvAvNbDomainName: HACKIN
MsvAvNbComputerName: EXCH01
MsvAvDnsDomainName: hackin.club
MsvAvDnsComputerName: EXCH01.hackin.club
MsvAvDnsTreeName: hackin.club
MsvAvTimestamp: Nov 3, 2019 01:07:16.573170
Negotiate Flags:
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_TARGET_TYPE_DOMAIN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
SMB Example:
$ python3 ntlm_challenger.py 'smb://192.168.39.152'
Target (Server): DESKTOP-G1984A4
Version: Server 2016 or 2019 / Windows 10 (build 18362)
TargetInfo:
MsvAvNbDomainName: DESKTOP-G1984A4
MsvAvNbComputerName: DESKTOP-G1984A4
MsvAvDnsDomainName: DESKTOP-G1984A4
MsvAvDnsComputerName: DESKTOP-G1984A4
MsvAvTimestamp: Mar 20, 2020 01:54:23.634713
Negotiate Flags:
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_TARGET_TYPE_SERVER
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_56
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].