Detect LLMNR poisoning attacks with the third installment of our Active Directory Series.

We’re excited to introduce Noxious, the third release of our Active Directory Sherlock series in Dedicated Labs.

This scenario is designed to improve your detection and mitigation skills for LLMNR poisoning attacks, focusing on how attackers exploit network protocols to compromise security.

• Analyze network traffic to identify credential-stealing techniques.
• Understand how a simple typo can lead to a security breach.
• Use the Responder tool to capture NTLM hashes and impersonate legitimate devices.
• Crack NTLMv2 hashes by extracting information from SMB traffic.

Learn more about LLMNR poisoning attack detection in our recent blog post or hit the button below to get started with Noxious!