Digging Your Talons In – New Take On Password Guessing

 

Talon automates a password guessing technique targeting Kerberos and LDAP within the Windows Active Directory environment.

 

Talon is an automated authentication tool for large scale attacks while remaining undetected. Talon has two main functions for performing successful password guessing attacks. The first is user enumeration to generate a list of valid users for attacks. Talon can provide more details about the valid users in a company’s active directory, giving you more information than just if the user exists or not. Talon utilizes Kerberos for enumeration.

 

Source code:

https://github.com/optiv/Talon