pass-the-hash
OfficialLateral movement with stolen credentials.
Authorblacklanternsecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill enables lateral movement across a network using stolen credential material like NTLM hashes or Kerberos tickets, bypassing the need to crack passwords.
Core Features & Use Cases
- Credential Reuse: Authenticates to AD services using NTLM hashes, AES keys, or Kerberos tickets.
- Multiple Techniques: Supports Pass-the-Hash, Over-Pass-the-Hash, Pass-the-Key, and Pass-the-Ticket.
- OPSEC Considerations: Prioritizes Kerberos-first authentication (AES keys, tickets) over direct NTLM Pass-the-Hash to minimize detection.
- Use Case: After obtaining an NTLM hash from a compromised system, use this Skill to authenticate to other machines in the domain as the same user, allowing for further network exploration and exploitation without cracking the password.
Quick Start
Use the pass-the-hash skill to authenticate to target.domain.local using the provided NTLM hash.
Dependency Matrix
Required Modules
ImpacketRubeusmimikatznetexecevil-winrm
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: pass-the-hash Download link: https://github.com/blacklanternsecurity/red-run/archive/main.zip#pass-the-hash Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.