After months of hard work and dedication, Impacket v0.11.0 is now available and has a bunch of new and exciting features. We can’t wait for you to explore and enjoy the added capabilities that come with this version!
Category: Impacket
Forging Tickets in 2023
Some time ago, Microsoft released a security patch that changed the way Kerberos tickets are created and validated. Bye-bye golden tickets! Bye-bye golden tickets? Let’s see how to forge tickets in 2023 with Impacket.
Relaying Everything: Coercing Authentications Episode 1 – MSSQL
A new PR merged: MSSQL and the xp_dirtree procedure. You know the rest. Let’s talk about NTLM authentication coercion methods using Impacket.
We’re back!
The Impacket project has found a new home at Fortra 🥳. Let’s take Impacket to the next level.
We love relaying credentials: A technical guide to relaying credentials everywhere
NTLM relay is a well-known technique that has been with us for many years and never seems to go away. In this article you’ll find a technical guide on how to relaying credentials everywhere in 2022.
Impacket v0.10.0 Now Available
Impacket release 0.10.0 is available now and brings several new features and enhancements including a refreshed NTLMrelayx, the Kerberos Key List attack implementation, a refactored Credential Cache, the sunsetting of Python 2, and new testing infrastructure, among other things. Let’s take a look at everything new included in this version.
The Kerberos Key List Attack: The return of the Read Only Domain Controllers
Some time ago Microsoft released a new feature that allows SSO to on-premises resources using security keys. This brought with it the return of the Read Only Domain Controllers and a new credential gathering vector. Let’s take a look at The Kerberos Key List attack.
Impacket release v0.9.24
Impacket release 0.9.24 is available today and includes a lot of new features and enhancements, such as an attack implementation against the Active Directory Certificate Services, an example for abusing the Kerberos Resource-Based Constrained Delegation, or the initial implementation of the [MS-PAR] protocol used by the well-known PrintNigthmare exploit. Let’s take a look at everything new included in this version.
Impacket release v0.9.23
Impacket release 0.9.23 is available now! A couple of brand-new examples scripts, Python 3.9 support, library improvements, fresh features, and even a security fix for a path traversal vulnerability are some highlights of this release. Let’s take a look at the new exciting features.
Impacket release v0.9.22
Impacket version 0.9.22 is already out and brings a bunch of new features, examples, and improvements I want to tell you about. The implementation of RPC over HTTP v2, a new NTLM relay server of ADWS (WCF) connections and support for new scenarios of Kerberoasting are some examples. Let’s take a look at everything that’s changed in this release.