After getting initial access in a network, your next task is to move laterally and escalate privileges. In this course, you will see the Responder tool which allows you to exploit vulnerabilities on the LLMNR and NBT-NS protocols to get credentials
One of the main objectives on a red team engagement is to get access to several user accounts (lateral movement) as well as administrator accounts (privilege escalation). After getting initial access to the internal network, you can launch several attacks to harvest credentials. In this course, Credential Access with Responder, you will explore one of the most important tools for lateral movement and privilege escalation, the Responder tool - a LLMNR, NBT-NS, and MDNS poisoner developed by Laurent Gaffie. First, you will exploit vulnerabilities on the LLMNR protocol. Then, you will use NBT-NS and MDNS protocols to gather credentials of domain users. Finally, you will learn not only how to get NTLM hashes, but also how to crack them to get plain text passwords and how to use those hashes in pass-the-hash attacks. By the end of this course, you will know two important tactics from the MITRE ATT&CK framework: LLMNR/NBT-NS Poisoning and Relay (T1171) and Network Sniffing (T1040).
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Course Overview Hey there, welcome to Pluralsight. In this cybersecurity tools course, you learn how to get valid credentials using the Responder tool. If you've never heard about Responder before, it's one of the most use tools by red team specialists. In a red team engagement, after getting initial access to a network, your task is to move laterally and escalate your privileges. And that's exactly where Responder can help you. With Responder, you'll be able to exploit vulnerabilities on the LLMNR protocol, as well as the NBT‑NS protocol, and this allows you to harvest credentials on the internal network, as well as allowing you to perform pass‑the‑hash attacks. So, whether you're trying to move laterally in a red team engagement or just looking to identify vulnerable machines in your own company, join me in learning how to gather credentials using the Responder tool, here at Pluralsight.