This repository has been archived by the owner. It is now read-only.
Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
PowerShell
Switch branches/tags
Nothing to show
Clone or download
Latest commit ee0aaf4 Nov 25, 2016

README.md

Pass the Hash Guidance

This project hosts scripts for aiding administrators in implementing Pass the Hash mitigations as outlined in the Reducing the Effectiveness of Pass the Hash paper.

The PtHTools module contains the main commands for helping with implementing PtH mitigations:

  • Find-PotentialPtHEvents
  • Invoke-DenyNetworkAccess
  • Edit-AllLocalAccountPasswords
  • Get-LocalAccountSummaryOnDomain
  • Invoke-SmartcardHashRefresh
  • Find-OldSmartcardHash

See the PtHTools readme file for more information on how to use them.

Guidance

Microsoft guidance

License

See LICENSE.

Disclaimer

See DISCLAIMER.