Mimikatz Insights

What is Mimikatz?

Mimikatz is a post-exploitation tool that is commonly used to obtain authentication credentials such as plaintext passwords, hash values, Kerberos tickets, and PIN codes from memory. It is often used in penetration testing and red team engagements, but can also be employed by malicious actors to escalate privileges and move laterally within a compromised network. Due to its open-source nature and wide availability, Mimikatz has become a staple in the toolkit of both security professionals and attackers.

Find organizations using Mimikatz on Sumble →

What other technologies are related to Mimikatz?

Mimikatz Complementary Technologies

Impacket

Impacket is a collection of Python classes for working with network protocols. It is complementary because it can be used to implement similar credential dumping and manipulation techniques as Mimikatz, but provides a programmable interface.

mentioned alongside Mimikatz in 59% (131) of relevant job posts

PowerSploit

PowerSploit is a collection of PowerShell modules that can be used for post-exploitation. It is complementary because it includes modules that perform similar tasks as Mimikatz, such as credential dumping and token manipulation, and can use mimikatz internally.

mentioned alongside Mimikatz in 53% (120) of relevant job posts

Rubeus

Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is complementary because it can be used to perform Kerberos-related attacks like ticket manipulation and credential theft, which are also functionalities present in Mimikatz.

mentioned alongside Mimikatz in 73% (71) of relevant job posts