Responder

Responder.py detection across an entire enterprise's infrastructure, using MazeRunner

Since our last blog post about MazeRunner’s Responder Monitor, we have improved it based on feedback from the field, and then deployed it at customer sites—most notably across the entire network of a Fortune 500 customer. In the now infamous attack against Hacking Team, in what turned out to be one of the best guides ever written …

Responder.py detection across an entire enterprise's infrastructure, using MazeRunner Read More »

Pass-the-Hash Deception

MazeRunner now features a whole new category of breadcrumbs, “network traffic breadcrumbs”. These breadcrumbs target threats that sniff the network to gain more credentials, as well as use other propagation techniques. In this version of MazeRunner, the first breadcrumb of this type is generated NTLM traffic, which many known tools (e.g., Responder.py) capture and use in Pass-the-Hash attacks. …

Pass-the-Hash Deception Read More »

Scroll to Top