Responder wiki
Welcome to the official Responder wiki.
The concept:
Responder is an attack toolkit abusing Windows proprietary protocols insecurities and aim at taking complete control of active-directory environments.
This tool has several components:
-
NBT-NS/LLMNR/MDNS poisoners
-
Network traffic analyze mode
-
Many rogue authentication servers
-
Cross-protocol NTLMv1/2 Relay
-
WPAD
-
DHCP spoofer.
-
Fast SMB scanner (Os version, null session, bootime, RDP open, smb1, signing, domain name)
-
Weaponizing Responder.
Each of these components will be documented in this wiki.