Password Hashes

I’m familiar with using Inveigh and Hashcat in an on-premises environment to capture password hashes across the network and using Hashcat to crack those hashes. I see that also, Inveigh has an option to scan for https traffic, but I’ve yet to capture any hashes. I don’t know if it’s possible with Inveigh, but is there a way to capture hashes in a cloud-based network such as when users have to reauthenticate to Microsoft 365, Salesforce, and any other cloud app the organization may use?

submitted by /u/PowerCaddy14
[link] [comments]

November 7, 2022