Skip to content
This repository has been archived by the owner. It is now read-only.
Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
Branch: master
Clone or download
Latest commit ee0aaf4 Nov 25, 2016
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Assert convert to Windows line endings and remove signatures due to timeout … Sep 26, 2016
Password convert to Windows line endings and remove signatures due to timeout … Sep 26, 2016
PtHTools
Windows
multithreading convert to Windows line endings and remove signatures due to timeout … Sep 26, 2016
regression convert to Windows line endings and remove signatures due to timeout … Sep 26, 2016
DISCLAIMER.md update readme, license, disclaimer May 25, 2016
LICENSE.md update readme, license, disclaimer May 25, 2016
README.md

README.md

Pass the Hash Guidance

This project hosts scripts for aiding administrators in implementing Pass the Hash mitigations as outlined in the Reducing the Effectiveness of Pass the Hash paper.

The PtHTools module contains the main commands for helping with implementing PtH mitigations:

  • Find-PotentialPtHEvents
  • Invoke-DenyNetworkAccess
  • Edit-AllLocalAccountPasswords
  • Get-LocalAccountSummaryOnDomain
  • Invoke-SmartcardHashRefresh
  • Find-OldSmartcardHash

See the PtHTools readme file for more information on how to use them.

Guidance

Microsoft guidance

License

See LICENSE.

Disclaimer

See DISCLAIMER.

You can’t perform that action at this time.