Credential Access

Mimikatz

Extract Windows credentials from memory.

credentialswindows

mimikatz — terminal

$ sekurlsa::logonpasswords

What it does

Mimikatz dumps plaintext passwords, hashes, and Kerberos tickets from Windows memory, enabling pass-the-hash and pass-the-ticket attacks. It's a cornerstone of Active Directory compromise.

Source

https://github.com/gentilkiwi/mimikatz ↗

More Credential Access tools

HashcatGPU-accelerated password cracking.HydraFast online network login brute-forcer.LaZagneLocal credential harvester.gpp-decryptDecrypt Group Policy Preferences passwords.

Need hosted scanning instead of local tooling?

Run a scan in the browser →