LLMNR and NBT-NS detection


Does InsightVM have the ability to perform LLMNR / NBT-NS detection?

We have identified a few customers having issues with https://attack.mitre.org/techniques/T1557/001/ and utilizing LLMNR / NBT-NS in particular to obtain NTLMv2 hashes in a pentest, though the standard Insight Agent and Network Scan (Exhaustive-template) didn’t mark those as potential issues.

I see that tenable might have something for this:

In the exhaustive scan-template with the default well-known ports, looking at the “<installation_directory>/plugins/java/1/NetworkScanners/1/default-services.properties” file I see port 137 listed, but not 5355 - but adding that does not seem to catch it either.
Or is it because the scan template is not wide enough? Would the “Penetration test” be a better fit here to try catch those?

Have any of you worked with this in relation to InsightVM scans before?