Recently during an engagement, while I was performing an internal network assessment, I figured out that responder was not able to capture the hashes. Initially I thought that this might be due to some issue with the responder configuration or the options that I am using. After fiddling with it for a while, I started searching on capture NTLM hashes over the internet. I found some good links to use bettercap and thought of putting it down for my own reference.
Continue reading “Capturing NTLM Hashes using Bettercap”