diff --git a/windows-hardening/ntlm/README.md b/windows-hardening/ntlm/README.md
index 4317b842c..127d536d7 100644
--- a/windows-hardening/ntlm/README.md
+++ b/windows-hardening/ntlm/README.md
@@ -194,7 +194,7 @@ The **challenge length is 8 bytes** and **2 responses are sent**: One is **24 by
 
 The **second response** is created using **several values** (a new client challenge, a **timestamp** to avoid **replay attacks**...)
 
-If you have a **pcap that has captured a successful authentication process**, you can follow this guide to get the domain, username , challenge and response and try to creak the password: [https://research.801labs.org/cracking-an-ntlmv2-hash/](https://research.801labs.org/cracking-an-ntlmv2-hash/)
+If you have a **pcap that has captured a successful authentication process**, you can follow this guide to get the domain, username , challenge and response and try to creak the password: [https://research.801labs.org/cracking-an-ntlmv2-hash/](https://www.801labs.org/research-portal/post/cracking-an-ntlmv2-hash/)
 
 ## Pass-the-Hash