/ketshash

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.

Primary LanguagePowerShellGNU General Public License v3.0GPL-3.0

Issues