mimikatz   92

« earlier    

Five Eyes Intelligence agencies warn of popular hacking tools
Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools.
breaking  news  hacking  intelligence  five  eyes  tools  jbifrost rat  mimikatz  pierluigi  paganini  powershell  empire  security  affairs 
october 2018 by SecurityFeed
RT : Just released a new version to support Windows 10 1803 to bypass the Credential Guard authentication chai…
mimikatz  from twitter_favs
september 2018 by michael.clemens
Mimikatz 2.0 - Golden Ticket Walkthrough - Projects - Beneath the Waves
The "executive summary" version of a Golden Ticket is that if you can obtain one of the encryption keys used by the krbtgt account for an Active Directory domain, Mimikatz 2.0 will allow you to forge arbitrary Kerberos authentication tickets for that domain. Those keys are not easily-obtained — unless someone has left an NTDS.DIT backup lying around, it probably requires access to a domain admin account's credentials — so the Golden Ticket functionality is sort of like the "New Game+" mode in the Silent Hill series: you've already won, and now you can play through again as an unstoppable juggernaut with a laser pistol and/or chainsaw.
activedirectory  mimikatz  goldenticket  pentest  security 
june 2018 by whip_lash
A kind of "getsystem" in with CreateProcess & parent PID

(useful to use the machi…
mimikatz  from twitter_favs
june 2018 by blackthorne
Release 2.1.0 20180527 - Terminal Server Multi RDP · gentilkiwi/mimikatz
So Mimikatz can now patch desktop OS to allow multiple simultaneous concurrent user RDP, Works in Windows 10 1803 too...
mimikatz  multiuser  concurrent  RDP  patch  windows  security  hacking  pentesting 
june 2018 by asteroza
caseysmithrc/MimkatzCollider: Mimikatz HashClash
mimikatz  hashes  pentesting  github 
march 2018 by whip_lash
RT : A little update to dump NTLM password history from local SAM database (online/offline)…
mimikatz  from twitter
february 2018 by michael.clemens
DCShadow explained – Alsid blog
The first problem with this approach is that only legitimate computers send their logs to the log collector. During the “DCShadow”, the event logs related to the injection of new data are only created on the attacker’s machine, which will obviously not signal itself by sending events to the SIEM. In this way, the “DCShadow” attack can be stealthy as only a few event logs will be generated by legitimate computers.

Blue teams need a complete redesign of their strategy and shift their focus from log analysis to ### AD configuration analysis ###.
activedirectory  cybersecurity  mimikatz 
january 2018 by bwiese
New Windows Domain Controller compromission: with : set *PREVIOUS* krbtgt keys (here the RC4 one) - and we…
mimikatz  from twitter_favs
january 2018 by blackthorne
Advanced AV evasion technique applied to

Prepended 0xFFFE (7/58)

Fixed MZ signat…
Mimikatz  from twitter_favs
january 2018 by blackthorne
Release 2.1.1 20171220 · gentilkiwi/mimikatz
new mimikatz, there's a handy authentication package called mimilib to capture plaintext passwords at logon on windows 10 with credential guard
mimikatz  security  hacking  pentesting  windows  logon  password  capture  sniffing 
december 2017 by asteroza
How the Mimikatz Hacker Tool Stole the World's Passwords | WIRED
Just a few minutes earlier, the then 25-year-old French programmer had made a quick trip to the front desk to complain about the room's internet connection. He had arrived two days ahead of a talk he was scheduled to give at a nearby security conference and found that there was no Wi-Fi, and the ethernet jack wasn't working. Downstairs, one of the hotel's staff insisted he wait while a technician was sent up to fix it. Delpy refused, and went back to wait in the room instead.
cybersecurity  mimikatz  wired  russia  hotel 
december 2017 by bwiese
Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime / Boing Boing
Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords.

Delpy told Microsoft about his discovery, only to be rebuffed by Microsoft's engineering team, who told him that his security discovery was irrelevant because it would be too hard to exploit. As a way of proving his point and improving his C, he coded up Mimikatz ("Cute Cat"), a password stealing tool that has since grown into an "insanely powerful" Swiss Army Knife of Windows password-cracking.

Delpy released the sourcecode for Mimikatz after traveling to Russia to present on it at the Positive Hack Days conference in Moscow; that's because, while he was there, Russian spies repeatedly came after his code. First, he walked in on a spy who was physically tampering with his laptop while it was in his hotel room, then a "man in a dark suit" insisted that he put a copy of his presentation and sourcecode on a USB stick.
mimikatz  russia  spy  cybersecurity 
december 2017 by bwiese

« earlier    

related tags

active-directory  active  activedirectory  ad  affairs  antivirus  archive  attack  automation  av  bloodhound  blueteam  breaking  bridge  capture  certificat  clickonce  codesigning  concurrent  cracking  credential  credentials  crypto  cyb633  cybersecurity  dc  dcsync  deathstar  defense  delicious  delivery  deployer  dfir  directory  dll  driectory  empire  exploit  extraction  eyes  five  forensics  forgery  github  golden  golden_ticket  goldenticket  guide  guidelines  hacking  hash  hashcat  hashclash  hashes  hotel  howto  importan  information  infosec  injection  intelligence  ir  javascript  jbifrost rat  johntheripper  jtr  kekeo  kerberos  kereberos  lateral  loader  logon  lsass  manuals  memory  metasploit  microsoft  microsoftata  moonsols  movement  msbuild.exe  multiuser  news  ntlm  obfuscation  offline  paganini  parser  passthehash  password  passwords  passwort  patch  pentest  pentesting  pierluigi  poc  powershell  pwdump  python  rdp  red_team  redteam  reference  relationship  research  russia  sample  scheduled  script  security  signature  signatures  simulation  sniffing  software  spy  sqlite  sysadmin  sysmon  task  threat  threathunting  ticket  tool  tools  trust  tutorial  volatility  vulnerability  whitepaper  wikis  windows  windows8  windwos  wired 

Copy this bookmark: