During an assessment, a penetration tester obtains access to an internal server and would like to perform further reconnaissance by capturing LLMNR traffic. Which of the following tools should the tester use?
Responder es una herramienta especializada para capturar tráfico LLMNR, NBNS y MDNS, y realizar ataques de spoofing y captura de hashes. Es ampliamente utilizada en entornos Windows para capturar credenciales cuando se resuelven nombres que no existen en el DNS.
Netcat y Burp Suite no están diseñados para este propósito. Nmap sirve para escaneo de redes, pero no para captura ni explotación de LLMNR.
Referencia: PT0-003 Objective 4.2 – Explain lateral movement techniques and privilege escalation tools (Responder is explicitly listed).
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit