Glossary

NTLM RELAY
defined.

An attack where an attacker captures NTLM authentication traffic and relays it to a different target service to authenticate as the victim.

A–Z

What is NTLM Relay?

Variants include LLMNR/NBT-NS poisoning, IPv6 takeover via mitm6, PetitPotam, and PrinterBug. SMB signing, LDAP signing/channel binding, and EPA on HTTP services close the relay gaps.

Related terms.

Pass the Hash
Pass the Ticket
Lateral Movement
Privilege Escalation

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.

Test for this in your stack

BOOK A FREE
scoping call.

30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.

Book Free Scoping Call →All Services

NTLM RELAYdefined.

What is NTLM Relay?

Related terms.

Where this shows up.

BOOK A FREEscoping call.

NTLM RELAY
defined.

BOOK A FREE
scoping call.