mimikatz
5 posts tagged mimikatz.
- Mimikatz and the Credential-Theft Decade: The Windows Security Wars Part 3 (2009-2014)
  Microsoft killed the rootkit class with AppLocker, Secure Boot, ELAM, and AppContainer. Then a side project in C named Mimikatz proved the wrong layer had been hardened.
- Protected Process Light: When the Administrator Isn't Enough
  How a single byte in EPROCESS encodes a signer lattice that denies SYSTEM-integrity admins the right to read LSASS -- and why every public bypass since 2018 attacks the same structural seam.
- DPAPI and DPAPI-NG: The Credential Vault Under Everything
  A 25-year tour of Windows Data Protection API: the four-stage classic chain, the 2012 DPAPI-NG redesign, the KDS root key, and the five structural ceilings the design cannot close.
- The Empty Hash: Credential Guard, the LsaIso Trustlet, and the Eleven-Year LSASS Extraction Tradition
  Why a 2026 Mimikatz dump returns [LSA Isolated Data] instead of an NTLM hash, what LsaIso.exe really computes, and the five things Credential Guard was never going to close.
- "Can This Code Do This?" -- Twenty-Five Years of Attacks on the Windows Access-Control Model
  How a single kernel function, SeAccessCheck, decides every Windows operation -- and how Mimikatz, the Potato lineage, and seventy UAC bypasses each attack one of its inputs.