SEC504: Hacker Tools, Techniques, and Incident Handling

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsMimikatz has become an extremely effective attack tool against Windows clients, allowing bad actors to retrieve cleartext passwords, as well as password hashes from memory. This paper will begin with an overview of Mimikatz's capabilities and payloadvectors. Several methods to mitigate the risk posed by Mimikatz will follow, and the paper will conclude with methods that may be used to detect the presence of Mimikatz.