Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets. Other useful attacks it enables are pass-the-hash, pass-the-ticket or building Golden Kerberos tickets. This makes post-exploitation lateral movement within a network easy for attackers.
[ Find out how to do penetration testing on the cheap … and not so cheap. | Get the latest from CSO by signing up for our newsletters. ]
To read this article in full, please click here