-
Book Overview & Buying
-
Table Of Contents
CompTIA PenTest+ Study Guide
By :
Throughout this book, we have discussed a variety of methods of attacking passwords and gathering credentials. Attacking hosts, applications, and devices can involve a variety of credential attack schemes.
Once you have compromised a system, you will often want to acquire the local credential store. For Windows, the most common tool to accomplish this is Mimikatz, a post-exploitation tool that is available both as a stand-alone tool and as part of Metasploit’s Meterpreter package. Mimikatz provides a range of features, including the ability to read hashes and passwords directly from memory.
Kali Linux also includes three tools as part of the creddump package that can be used to acquire credentials in Windows. They are cachedump, which dumps cached credentials; lsadump, which dumps LSA secrets; and pwdump, which dumps password hashes. You...
Change the font size
Change margin width
Change background colour