mimikatz   85

« earlier    

caseysmithrc/MimkatzCollider: Mimikatz HashClash
APPERAS TO ALTER THE MIMIKATZ EXE FILE HAS TO RESEMBLE A BENIGN PROGRAM.
mimikatz  hashes  pentesting  github 
7 weeks ago by whip_lash
Twitter
RT : A little update to dump NTLM password history from local SAM database (online/offline)…
mimikatz  from twitter
10 weeks ago by michael.clemens
DCShadow explained – Alsid blog
The first problem with this approach is that only legitimate computers send their logs to the log collector. During the “DCShadow”, the event logs related to the injection of new data are only created on the attacker’s machine, which will obviously not signal itself by sending events to the SIEM. In this way, the “DCShadow” attack can be stealthy as only a few event logs will be generated by legitimate computers.

Blue teams need a complete redesign of their strategy and shift their focus from log analysis to ### AD configuration analysis ###.
activedirectory  cybersecurity  mimikatz 
11 weeks ago by bwiese
Twitter
New Windows Domain Controller compromission: with : set *PREVIOUS* krbtgt keys (here the RC4 one) - and we…
mimikatz  from twitter_favs
12 weeks ago by blackthorne
Twitter
Advanced AV evasion technique applied to

Prepended 0xFFFE (7/58)

Fixed MZ signat…
Mimikatz  from twitter_favs
january 2018 by blackthorne
Release 2.1.1 20171220 · gentilkiwi/mimikatz
new mimikatz, there's a handy authentication package called mimilib to capture plaintext passwords at logon on windows 10 with credential guard
mimikatz  security  hacking  pentesting  windows  logon  password  capture  sniffing 
december 2017 by asteroza
How the Mimikatz Hacker Tool Stole the World's Passwords | WIRED
Just a few minutes earlier, the then 25-year-old French programmer had made a quick trip to the front desk to complain about the room's internet connection. He had arrived two days ahead of a talk he was scheduled to give at a nearby security conference and found that there was no Wi-Fi, and the ethernet jack wasn't working. Downstairs, one of the hotel's staff insisted he wait while a technician was sent up to fix it. Delpy refused, and went back to wait in the room instead.
cybersecurity  mimikatz  wired  russia 
december 2017 by bwiese
Origin story of the Mimikatz password cracker is a parable about security, disclosure, cyberwar, and crime / Boing Boing
Five years ago, Benjamin Delpy was working for an unspecified French government agency and teaching himself to program in C, and had discovered a vital flaw in the way that Windows protected its users' passwords.

Delpy told Microsoft about his discovery, only to be rebuffed by Microsoft's engineering team, who told him that his security discovery was irrelevant because it would be too hard to exploit. As a way of proving his point and improving his C, he coded up Mimikatz ("Cute Cat"), a password stealing tool that has since grown into an "insanely powerful" Swiss Army Knife of Windows password-cracking.

Delpy released the sourcecode for Mimikatz after traveling to Russia to present on it at the Positive Hack Days conference in Moscow; that's because, while he was there, Russian spies repeatedly came after his code. First, he walked in on a spy who was physically tampering with his laptop while it was in his hotel room, then a "man in a dark suit" insisted that he put a copy of his presentation and sourcecode on a USB stick.
mimikatz  russia  spy  cybersecurity 
december 2017 by bwiese
Twitter
I'm not a hash/password cracker, but some of you are.
For the love of , and ,
mimikatz  from twitter_favs
december 2017 by blackthorne
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by icco
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by juancampa
Twitter
This new security measure is damn good...
mimikatz  from twitter_favs
november 2017 by akalin
Twitter
After an extended delay, the ADSecurity unofficial Mimikatz guide is now current & updated for version 2.…
Mimikatz  from twitter_favs
november 2017 by micedre
Twitter
RT : MS Signed in just 3 steps ;-)
1.
2.
3.…
Mimikatz  from twitter
october 2017 by comfortably-dumb

« earlier    

related tags

active-directory  active  activedirectory  ad  antivirus  archive  attack  automation  av  bloodhound  bridge  capture  certificat  clickonce  codesigning  cracking  credential  credentials  crypto  cyb633  cybersecurity  dcsync  deathstar  delicious  delivery  deployer  dfir  directory  dll  exploit  extraction  forensics  forgery  github  golden  golden_ticket  goldenticket  guide  guidelines  hacking  hash  hashcat  hashes  howto  importan  information  infosec  injection  ir  javascript  johntheripper  jtr  kekeo  kerberos  kereberos  lateral  loader  logon  lsass  manuals  memory  metasploit  microsoft  microsoftata  moonsols  movement  msbuild.exe  ntlm  obfuscation  offline  parser  passthehash  password  passwords  passwort  pentest  pentesting  poc  powershell  pwdump  python  red_team  reference  relationship  research  rundll32  russia  sample  scheduled  script  security  signature  signatures  simulation  sniffing  software  soon  spy  sqlite  sysmon  task  threat  threathunting  ticket  tool  tools  trust  tutorial  volatility  vulnerability  whitepaper  wikis  windows  windows8  wired 

Copy this bookmark:



description:


tags: