cybersecurity Glossary

What is Mimikatz?

Mimikatz is a tool for Windows that allows you to extract login passwords, Kerberos tickets, NTLM hashes and certificates on Windows.

It stands out for its ability to extract unencrypted passwords directly from Windows memory and for this reason it is used as a post-exploitation tool by pentesters, red teamers as well as malicious actors.

It is precisely the ease of extracting passwords from a compromised system that makes it necessary to implement hardening strategies, avoiding the storage of secrets in memory, segmenting environments into Tiers and avoiding the reuse of local administrator passwords with solutions such as Microsoft LAPS, to guarantee the active directory security.