{"id":13843456,"url":"https://github.com/nyxgeek/ntlmscan","last_synced_at":"2025-07-11T19:31:38.792Z","repository":{"id":56271319,"uuid":"216979999","full_name":"nyxgeek/ntlmscan","owner":"nyxgeek","description":"scan for NTLM directories","archived":false,"fork":false,"pushed_at":"2024-06-27T11:10:32.000Z","size":31,"stargazers_count":344,"open_issues_count":0,"forks_count":57,"subscribers_count":12,"default_branch":"master","last_synced_at":"2024-08-05T17:37:38.862Z","etag":null,"topics":["hacking","ntlm","ntlm-authentication","pentest","scanner","windows"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nyxgeek.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-10-23T06:02:56.000Z","updated_at":"2024-07-29T05:41:10.000Z","dependencies_parsed_at":"2024-04-12T17:37:37.320Z","dependency_job_id":"47ba46c1-2710-4119-8791-8c7bb48c5e68","html_url":"https://github.com/nyxgeek/ntlmscan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyxgeek%2Fntlmscan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyxgeek%2Fntlmscan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyxgeek%2Fntlmscan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyxgeek%2Fntlmscan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nyxgeek","download_url":"https://codeload.github.com/nyxgeek/ntlmscan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225754989,"owners_count":17519183,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking","ntlm","ntlm-authentication","pentest","scanner","windows"],"created_at":"2024-08-04T17:02:09.096Z","updated_at":"2024-11-21T15:30:58.562Z","avatar_url":"https://github.com/nyxgeek.png","language":"Python","funding_links":[],"categories":["Python (1887)","Operating Systems","Python"],"sub_categories":["Windows"],"readme":"# ntlmscan\nscan for NTLM directories\n\nreliable targets are:\n* OWA servers\n* Skype for Business/Lync servers\n* Autodiscover servers (autodiscover.domain.com and lyncdiscover.domain.com)\n* ADFS servers\n\n\nonce identified, use nmap and the [http-ntlm-info](https://nmap.org/nsedoc/scripts/http-ntlm-info.html) script to extract internal domain/server information \n\n\n```\nusage: ntlmscan.py [-h] [--url URL] [--host HOST] [--hostfile HOSTFILE]\n                   [--outfile OUTFILE] [--dictionary DICTIONARY]\n\noptional arguments:\n  -h, --help              show this help message and exit\n  --url URL               full url path to test\n  --host HOST             a single host to search for ntlm dirs on\n  --hostfile HOSTFILE     file containing ips or hostnames to test\n  --outfile OUTFILE       file to write results to\n  --dictionary DICTIONARY list of paths to test, default: paths.dict\n  --nmap                  run nmap with http-ntlm-info after testing (requires nmap)\n  --debug                 show request headers\n ```\n \n \n Examples:\n ```\n python3 ntlmscan.py --url https://autodiscover.domain.com/autodiscover\n \n python3 ntlmscan.py --host autodiscover.domain.com\n \n python3 ntlmscan.py --hostfile hosts.txt --dictionary big.txt\n ```\n\n![Screenshot of usage](http://nyxgeek.com/ntlmscan.py_use3.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnyxgeek%2Fntlmscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnyxgeek%2Fntlmscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnyxgeek%2Fntlmscan/lists"}