cyberark / ketshash

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
170Updated 2 months ago

Alternatives and similar repositories for ketshash:

Users that are interested in ketshash are comparing it to the libraries listed below