🖥️
Pentest Playbook
  • Pentest Playbook
  • Methodology
    • 🐘Pentest Methodology
  • Reconnaissance
    • 🦅Scanning and Enumeration
      • Host Discovery
      • Port Scan
  • Active Directory
    • 🐻Initial Attack Vectors
      • LLMNR Poisoning
      • SMB Relay
      • Gaining Shell Access
      • IPv6 Attack
    • 🐻‍❄️Post-Compromise Enumeration
      • LDAPDomainDump
      • BloodHound
      • PlumHound
      • PingCastle
    • 🐼Post-Compromise Attacks
      • CrackMapExec
      • SecretsDump
      • Kerberoasting
      • Token Impersonation
      • LNK File Attack
      • GPP or cPassword Attack
      • Mimikatz
  • Password Attacks
    • 🐱Hashcat
      • Hashcat for Windows
    • 🐠Hydra
    • 🐶John The Ripper
Powered by GitBook
On this page
  • Introduction
  • Credential Dumping with Mimikatz
  1. Active Directory
  2. Post-Compromise Attacks

Mimikatz

Introduction

Mimikatz allows you to view and steal credentials, generate Kerberos tickets, dump credentials stored in memory and leverage attacks. Mimikatz can be easily detected by anti-virus programs. You would need to obfuscate it in order to bypass anti-virus programs.

Mimikatz can do the following attacks:

  • Credential Dumping

  • Pass-the-Hash

  • Over-Pass-the-Hash

  • Pass-the-Ticket.

  • Silver Ticket

  • Golden Ticket

Credential Dumping with Mimikatz

Once you are able to download/transfer Mimikatz to a target machine, you can now dump the credentials stored on that machine or perform some password attacks.

.\mimikatz
privilege::debug

# Attacks
sekurlsa::logonPasswords

PreviousGPP or cPassword AttackNextHashcat

Last updated 12 months ago

🐼