-
Notifications
You must be signed in to change notification settings - Fork 3.8k
Home
mimikatz
is a tool I've made to learn C and make somes experiments with Windows security.
It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory.
mimikatz
can also perform pass-the-hash, pass-the-ticket, build Golden tickets, play with certificates or private keys, vault, ...
maybe make coffee?
Its symbol is a kiwi:
.#####. mimikatz 2.0 alpha (x64) release "Kiwi en C" (Apr 26 2014 00:25:11)
.## ^ ##.
## / \ ## /* * *
## \ / ## Benjamin DELPY `gentilkiwi` ( [email protected] )
'## v ##' http://blog.gentilkiwi.com/mimikatz (oe.eo)
'#####' with 14 modules * * */
sometimes the animal, but mostly the fruit!
How can you get it?
- sources (Visual Studion solution) on GitHub - see howto ~ build-mimikatz
- binaries are availables on http://blog.gentilkiwi.com/mimikatz (zip or 7z)
- standard
- privilege
- crypto
- sekurlsa
- kerberos
- lsadump
- vault
- token
- event
- ts
- process
- service
- net
- misc
- library
mimilib
- driver
mimidrv
I started to code mimikatz
for some reasons:
- improve my knowledge, especially in C/C++ for Windows ;
- explain security concepts ;
- prove to Microsoft that sometimes they must change old habits.
mimikatz
is now 2.0, but is born in 2007, it was known by other names:
-
kdll
; a simple DLL injector -
kdllpipe
; first version to accomplish Pass-The-Hash, with interaction on a named pipe -
katz
; -
mimikatz
!
-
Meterpreter extension for
mimikatz 1.0
by Ben Campbell (https://twitter.com/Meatballs__ / https://github.com/Meatballs1) -
DLL reflection in PowerShell by Joseph Bialek (https://twitter.com/JosephBialek / https://github.com/clymb3r)
-
Volatility plugin by Francesco Picasso (https://plus.google.com/+francescopicasso / https://code.google.com/p/hotoloti)
-
Meterpreter extension for
mimikatz 2.0
in progress by Oliver Reeves (https://twitter.com/TheColonial / https://github.com/OJ)
-
wce
(cleartext passwords part) by Hernan Ochoa @ Amplia security (https://twitter.com/hernano / https://twitter.com/AmpliaSecurity) -
sessiondump
by Steeve Barbeau @ HSC (https://twitter.com/steevebarbeau / https://github.com/steeve85)