SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
Responder
Responder is an open source tool used for LLMNR, NBT-NS and MDNS poisoning, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. [1]
ID: S0174
Type: TOOL
Platforms: Windows
Version: 1.0
Created: 16 January 2018
Last Modified: 17 October 2018
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1557 | .001 | Man-in-the-Middle: LLMNR/NBT-NS Poisoning and SMB Relay |
Responder is used to poison name services to gather hashes and credentials from systems within a local network.[1] |
Enterprise | T1040 | Network Sniffing |
Responder captures hashes and credentials that are sent to the system after the name services have been poisoned.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0007 | APT28 |
References
×