Search Results for "mimikatz"

mimikatz is a tool that makes some "experiments" with Windows security. It's well-known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. It can also perform pass-the-hash, pass-the-ticket or build Golden tickets; play with certificates or private keys, vault and more.

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing passwords. Will attempt to calculate each word's probability by checking hashes in memory, and regex searches. 2.0 introduces a clean port that aims to increase the speed of execution and portability

While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn't had time to wait for the user to enter his credentials and get it using a key logger so I and @Roni_Bachar created a fake windows domain login window to tried to force and trick the user to enter his password. There are several tools and techniques such as "Mimikatz" but they require you to have administrative/system privileges, you don't need special privileges to execute "Windows Domain Credentials Phishing Tool". * Special Thanks to @Roni_Bachar (https://twitter.com/roni_bachar) For the idea and help in developing the tool. If you find this tool useful crypto currency donations are welcome: Bitcoin: 1Kksc9b4WZ5X36xGDgpodPVpBSozMje6ui Litecoin: LQ1JCMxo122FpJ8iKX7HsrNtjCacpTkkFW