Have you ever wondered how to decrypt Kerberos/NTLM “encrypted stub data” fields 🔐 in Wireshark when analyzing Kerberos, RPC, LDAP… traffic?
➡️ Read how to do it on Tenable’s TechBlog: Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark
I had the pleasure to present a talk about this work during the SharkFest Europe 22 conference. Here is the recording (except the beginning which was not recorded due to sound issues, sorry for that and for the missing introduction!):