The Latest in IT Security

What is Mimikatz? And how to defend against this password stealing tool

05
Mar
2019

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets. Other useful attacks it enables are pass-the-hash, pass-the-ticket or building Golden Kerberos tickets. This makes post-exploitation lateral movement within a network easy for attackers.

Mimikatz, described by the author as just “a little tool to play with Windows security,” is an incredibly effective offensive security tool developed by Benjamin Delpy. It is used by penetration testers and malware authors alike. The destructive 2017 NotPetya malware rolled leaked NSA exploits like EternalBlue together with Mimikatz to achieve maximum damage.

Originally conceived as a research project by Delpy to better understand Windows security, Mimikatz also includes a module that dumps Minesweeper from memory and tells you where all the mines are located.

Read More

Leave a reply


Categories

FRIDAY, NOVEMBER 22, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments