mimikatz   88

Mimikatz 2.0 - Golden Ticket Walkthrough - Projects - Beneath the Waves
The "executive summary" version of a Golden Ticket is that if you can obtain one of the encryption keys used by the krbtgt account for an Active Directory domain, Mimikatz 2.0 will allow you to forge arbitrary Kerberos authentication tickets for that domain. Those keys are not easily-obtained — unless someone has left an NTDS.DIT backup lying around, it probably requires access to a domain admin account's credentials — so the Golden Ticket functionality is sort of like the "New Game+" mode in the Silent Hill series: you've already won, and now you can play through again as an unstoppable juggernaut with a laser pistol and/or chainsaw.
activedirectory  mimikatz  goldenticket  pentest  security 
27 days ago by whip_lash
Twitter
A kind of "getsystem" in with CreateProcess & parent PID

(useful to use the machi…
mimikatz  from twitter_favs
4 weeks ago by blackthorne
Release 2.1.0 20180527 - Terminal Server Multi RDP · gentilkiwi/mimikatz
So Mimikatz can now patch desktop OS to allow multiple simultaneous concurrent user RDP. Works in Windows 10 1803 too...
mimikatz  multiuser  concurrent  RDP  patch  windows  security  hacking  pentesting 
6 weeks ago by asteroza
caseysmithrc/MimkatzCollider: Mimikatz HashClash
APPEARS TO ALTER THE MIMIKATZ EXE FILE SO AS TO RESEMBLE A BENIGN PROGRAM.
mimikatz  hashes  pentesting  github 
march 2018 by whip_lash
Twitter
RT : A little update to dump NTLM password history from local SAM database (online/offline)…
mimikatz  from twitter
february 2018 by michael.clemens
DCShadow explained – Alsid blog
The first problem with this approach is that only legitimate computers send their logs to the log collector. During the “DCShadow”, the event logs related to the injection of new data are only created on the attacker’s machine, which will obviously not signal itself by sending events to the SIEM. In this way, the “DCShadow” attack can be stealthy as only a few event logs will be generated by legitimate computers.

Blue teams need a complete redesign of their strategy and shift their focus from log analysis to ### AD configuration analysis ###.
activedirectory  cybersecurity  mimikatz 
january 2018 by bwiese
Twitter
New Windows Domain Controller compromission: with : set *PREVIOUS* krbtgt keys (here the RC4 one) - and we…
mimikatz  from twitter_favs
january 2018 by blackthorne
Twitter
Advanced AV evasion technique applied to

Prepended 0xFFFE (7/58)

Fixed MZ signat…
Mimikatz  from twitter_favs
january 2018 by blackthorne
Release 2.1.1 20171220 · gentilkiwi/mimikatz
new mimikatz, there's a handy authentication package called mimilib to capture plaintext passwords at logon on windows 10 with credential guard
mimikatz  security  hacking  pentesting  windows  logon  password  capture  sniffing 
december 2017 by asteroza
How the Mimikatz Hacker Tool Stole the World's Passwords | WIRED
Just a few minutes earlier, the then 25-year-old French programmer had made a quick trip to the front desk to complain about the room's internet connection. He had arrived two days ahead of a talk he was scheduled to give at a nearby security conference and found that there was no Wi-Fi, and the ethernet jack wasn't working. Downstairs, one of the hotel's staff insisted he wait while a technician was sent up to fix it. Delpy refused, and went back to wait in the room instead.
cybersecurity  mimikatz  wired  russia 
december 2017 by bwiese
Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime / Boing Boing
Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords.

Delpy told Microsoft about his discovery, only to be rebuffed by Microsoft's engineering team, who told him that his security discovery was irrelevant because it would be too hard to exploit. As a way of proving his point and improving his C, he coded up Mimikatz ("Cute Cat"), a password stealing tool that has since grown into an "insanely powerful" Swiss Army Knife of Windows password-cracking.

Delpy released the sourcecode for Mimikatz after traveling to Russia to present on it at the Positive Hack Days conference in Moscow; that's because, while he was there, Russian spies repeatedly came after his code. First, he walked in on a spy who was physically tampering with his laptop while it was in his hotel room, then a "man in a dark suit" insisted that he put a copy of his presentation and sourcecode on a USB stick.
mimikatz  russia  spy  cybersecurity 
december 2017 by bwiese
Twitter
I'm not a hash/password cracker, but some of you are.
For the love of , and ,
mimikatz  from twitter_favs
december 2017 by blackthorne
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by icco
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by juancampa
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by akalin
Twitter
After an extended delay, the ADSecurity unofficial Mimikatz guide is now current & updated for version 2.…
Mimikatz  from twitter_favs
november 2017 by micedre
