Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
I recently had a coworker ask how they could disable NBTNS poisoning specifically, and since the only way to do that was to modify the code, I thought, why not add in the option to do it in the config?
Specifically:
[Responder Core]
; Poisoners to start
MDNS = On
LLMNR = On
NBTNS = On
; Servers to start
SQL = On
... etc
lgandx
commented
5 months ago
I recently had a coworker ask how they could disable NBTNS poisoning specifically, and since the only way to do that was to modify the code, I thought, why not add in the option to do it in the config?
Specifically: