Posts Tagged ‘Mimikatz’

Most Recent
2018-01-04

Mimikatz detecting

Mimikatz is a tool that implements the functionality of Windows Credentials Editor and allows you to obtain the authentication data of a logged-in user in the clear. The detection method used here is known as grouping: taking a set of unique artifacts and identifying them together as one pattern. In this article the author, Cyberwardog, walks you through creating alerts for detecting Mimikatz using Sysmon and the ELK Stack. Note that you must already have the ELK Stack installed and ElastAlert set up. A script is needed to handle some of the logic and to test a couple of things before the alert can be turned off to get started.

2017-09-17

How to detect Mimikatz

This article analyzes the behavior of tools that must read the memory of the Lsass.exe process in order to steal valuable account information. The author investigates the behavior of Mimikatz both when it runs as a stand-alone executable file and when it runs from memory (without a script file).

2017-02-15

Mimikatz detection

Samir B. shared the article ‘Mimikatz detection using Windows Security Event Logs’.

2017-02-04

Detecting Mimikatz

The issue of internal security is always important. Mimikatz is a well-known post-exploitation tool written by Benjamin Delpy (gentilkiwi). Often, after the initial phase of an operation, attackers need to gain a firm foothold in the computer or network, which usually requires a set of tools. Mimikatz attempts to tie together some of the most useful tasks that cybercriminals want to perform. Mimikatz supports both 64-bit and 32-bit Windows architectures.
