Skip navigation
Menu
What is Mimikatz
Security

What is Mimikatz

Q. What is Mimikatz?

A. Mimikatz is an open-source utility that enables the viewing of credential information from the Windows lsass (Local Security Authority Subsystem Service) through its sekurlsa module which includes plaintext passwords and Kerberos tickets which could then be used for attacks such as pass-the-hash and pass-the-ticket. Most anti-virus tools will detect the presence of Mimikatz as a threat and delete it but it can be interesting to test security on systems.

It is available from https://github.com/gentilkiwi/mimikatz and I use it to demonstrate the absence of ticket information when using security features such as remote credential guard.

Below is an example execution to look for passwords on a system.

privilege::debug
Sekurlsa::logonpasswords

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024