Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

ntlm-parser

Package Overview
Dependencies
Maintainers
1
Versions
9
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ntlm-parser

Check and understand the content of a NTLM message

latest
Source
npmnpm
Version
1.0.9
Version published
Weekly downloads
361
-15.26%
Maintainers
1
Weekly downloads
 
Created
Source

NTLM Parser

Parse base64 or hex NTLM messages.

Useful to better understand what's going on during a SPNEGO Negotiate NTLM authentication phase.

license npm version sponsor Code Style: Google

Install

Global:

npm i -g ntlm-parser

Local:

npm i ntlm-parser

Usage

Command line

ntlm-parser <message-base64>
ntlm-parser -x <message-hex>

Example:

Base64 message:

ntlm-parser TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAKALpHAAAADw==

Hex message:

ntlm-parser 4e544c4d53535000010000000732000006000600330000000b000b0028000000050093080000000f574f524b53544154494f4e444f4d41494e

Javascript

const {ntlmParse} = require('ntlm-parser');

const object = ntlmParse(base64);
console.log('object: ', object);

Output

object:  {
  messageType: 'NEGOTIATE_MESSAGE (type 1)',
  flags: 'NEGOTIATE_UNICODE NEGOTIATE_OEM REQUEST_TARGET NEGOTIATE_NTLM NEGOTIATE_ALWAYS_SIGN NEGOTIATE_EXTENDED_SESSIONSECURITY NEGOTIATE_VERSION NEGOTIATE_128 NEGOTIATE_56',
  suppliedDomain: { length: 0, allocated: 0, offset: 0 },
  suppliedWorkstation: { length: 0, allocated: 0, offset: 0 },
  osVersionStructure: {
    majorVersion: 10,
    minorVersion: 0,
    buildNumber: 18362,
    unknown: 15
  },
  suppliedDomainData: '',
  suppliedWorkstationData: ''
}

Typescript

This module already works with Typescript.

Same program as above:

import {ntlmParse} from 'ntlm-parser';

const object = ntlmParse(base64);
console.log('object: ', object);

References

NTLM specification can be found for free on the Microsoft website at: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/b38c36ed-2804-4868-a9ff-8dd3182128e4

A more understandable document describing NTLM can also be found here: http://davenport.sourceforge.net/ntlm.html

TODO

When I will have time:

  • Building, or modifying NTLM message, not just parsing.

Author

Made with :heart: by me, Jean-Louis GUENEGO jlguenego@gmail.com on my free time.

Keywords

ntlm
authentication
base64
SPNEGO
Negotiate
SSO

FAQs

Package last updated on 20 Nov 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

OWASP 2025 Top 10 Adds Software Supply Chain Failures, Ranked Top Community Concern

Security News

OWASP 2025 Top 10 Adds Software Supply Chain Failures, Ranked Top Community Concern

OWASP’s 2025 Top 10 introduces Software Supply Chain Failures as a new category, reflecting rising concern over dependency and build system risks.

By Sarah Gooding  -  Nov 08, 2025
9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

Research

/

Security News

9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads

Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.

By Kush Pandya  -  Nov 06, 2025