• Online, Self-Paced
Course Description

Adversaries may “pass the hash” using stolen password hashes to move laterally within an environment, bypassing normal system access controls. Pass the hash (Path) is a method of authenticating as a user without having access to the user’s cleartext password. This method bypasses standard authentication steps that require a cleartext password, moving directly into the portion of the authentication that uses the password hash.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills required to:

  • Execute a "pass the hash" attack using stolen password hashes.
  • Move directly into the portion of the authentication that uses the password hash
  • Bypasses standard authentication steps that require a cleartext password

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Software Development

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.