ScoopLM captures LM/NTLM authentication exchange (LanManager and Windows NT challenge/response) on the network. ScoopLM supports microsoft-ds (Direct SMB hosting service; 445 NTLMSSP), Active Directory, NTLMv2 on NetBIOS over TCP/IP, Telnet, IIS (HTTP) and DCOM over TCP/IP.
When an adaptor (Internet Protocol address) on the network for capture is selected, and the Start button is pushed, ScoopLM begins capturing. The Result column in the table displays the authentication result sent from the server. When the Save As menu is selected, authentication information can be saved by Comma Separated Value. This file then becomes the input file to BeatLM. Information from ScoopLM is output to the area under the table.
ScoopLM works only on Pentium compatible computers. And, it works on Windows 2000 and XP (You require the administrator privilege to capture packets).
For your information: