Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets. Other useful attacks it enables are pass-the-hash, pass-the-ticket or building Golden Kerberos tickets. This makes post-exploitation lateral movement within a network easy for attackers.
Mimikatz, described by the author as just “a little tool to play with Windows security,” is an incredibly effective offensive security tool developed by Benjamin Delpy. It is used by penetration testers and malware authors alike. The destructive 2017 NotPetya malware rolled leaked NSA exploits like EternalBlue together with Mimikatz to achieve maximum damage.
Originally conceived as a research project by Delpy to better understand Windows security, Mimikatz also includes a module that dumps Minesweeper from memory and tells you where all the mines are located.
Leave a reply