.. / PetitPotam

PetitPotam leverages the MS-EFSRPC API to connect to a Windows host, hijack the authentication session, and trigger an authentication from the target host to an attacker controlled host (usually SMB or HTTP server). This captured authentication can then be relayed to authenticate to other hosts and perform more attacks. See more in ntlmrelayx.py.

Command Reference:

Target IP:

Attacker IP:

Domain: test.local

Username: john

Password: password123
Command: Copy References: