Credential Access with Mimikatz

In addition to other functionality, Mimikatz extracts password hashes and clear-text credentials from system memory. Mimikatz can also manipulate domain account passwords or display protected credentials stored in files.
Course info
Rating
(13)
Level
Intermediate
Updated
Mar 30, 2020
Duration
25m
Table of contents
Description
Course info
Rating
(13)
Level
Intermediate
Updated
Mar 30, 2020
Duration
25m
Description

Would you like to be able to see clear text credentials stored in memory? How about harvesting clear text credentials stored in protected files? In this course, Credential Access with Mimikatz, you will learn how to leverage the advanced credential access capabilities of the open-source Mimikatz project towards post-exploitation activities. First, you will see how to harvest password hashes and clear text user names and passwords for active login sessions stored in system memory. Next, you will discover how Mimikatz can be used to open memory dumps from other systems for situations where you may not be able to run Mimikatz on the victim machine. Finally, you will explore how to obtain clear text usernames and passwords stored by browsers, changing domain user passwords on the fly, and capturing passwords to file. When you finished with this course, you will have the skills and knowledge of the open-source Mimikatz tool needed to emulate credential access techniques aligned with Mitre ATT&CK.

About the author
About the author

Lee Allen is a penetration tester by trade. Lee has authored four books about penetration testing and has created several Pluralsight courses.

More from the author
Lateral Movement with Mimikatz
Intermediate
28m
May 1, 2020
Credential Access with THC Hydra
Intermediate
22m
Jan 27, 2020
More courses by Lee Allen
Section Introduction Transcripts
Section Introduction Transcripts

Tool Introduction
Hi there and welcome to Pluralsight and this Cyber Security Tools course featuring many cats. The open source, Post Exploitation tool, developed and maintained by Benjamin Delphine. There are situations were clear. Text credential sets can be harvested from compromised systems along with other capabilities. Many cats can be used to extract password hash is and clear text credentials from memory. It can also be used to manipulate domain account passwords and to display protected credential stored in certain files. These credentials can then be used to attack other systems on the Net. If you are seeking to learn how many cats can be used to obtain clear text credential sets during security engagements, or if you just want to learn how Attackers are able to perform these activities, come join me and learn how to harvest credentials using Mimi Cats here at Pluralsight.