Showing Articles About
infrastructure security
-
Max Keasley 
Owen Reeve 
Sharan Patil - 4 May 2026
Where There Is MSSQL, There Is A Way
Authentication coercion via xp_dirtree and other stored procedures are well known tricks and are often blocked. What if we find other methods to capture Net-NTLMv2 hashes? As the latest organisation joining in the MSSQL EPA and NTLM relay research, we are here to highlight our journey of exploiting MSSQL NTLM Relay.