Merge pull request #1076 from HackTricks-wiki/research_update_src_generic-methodologies-and-resources_threat-modeling_20250709_165500

Add content: Research Update Enhanced src/generic-methodologies-and-resou...

Author: carlospolop

src/SUMMARY.md

@@ -283,6 +283,7 @@
   - [SID-History Injection](windows-hardening/active-directory-methodology/sid-history-injection.md)
   - [Silver Ticket](windows-hardening/active-directory-methodology/silver-ticket.md)
   - [Skeleton Key](windows-hardening/active-directory-methodology/skeleton-key.md)
+  - [Timeroasting](windows-hardening/active-directory-methodology/TimeRoasting.md)
   - [Unconstrained Delegation](windows-hardening/active-directory-methodology/unconstrained-delegation.md)
 - [Windows Security Controls](windows-hardening/authentication-credentials-uac-and-efs/README.md)
   - [UAC - User Account Control](windows-hardening/authentication-credentials-uac-and-efs/uac-user-account-control.md)

src/mobile-pentesting/ios-pentesting/ios-protocol-handlers.md

@@ -3,7 +3,6 @@
 {{#include ../../banners/hacktricks-training.md}}
 
 
-{{#include ../../banners/hacktricks-training.md}}
 
 
 

src/windows-hardening/active-directory-methodology/TimeRoasting.md

@@ -1,4 +1,6 @@
-## TimeRoasting
+# TimeRoasting
+
+{{#include /banners/hacktricks-training.md}}
 
 timeRoasting, the main cause is the outdated authentication mechanism left by Microsoft in its extension to NTP servers, known as MS-SNTP. In this mechanism, clients can directly use any computer account's Relative Identifier (RID), and the domain controller will use the computer account's NTLM hash (generated by MD4) as the key to generate the **Message Authentication Code (MAC)** of the response packet.
 
@@ -37,3 +39,4 @@ sudo ./timeroast.py 10.0.0.42 | tee ntp-hashes.txt
 hashcat -m 31300 ntp-hashes.txt
 ```
 
+{{#include /banners/hacktricks-training.md}}