-
Hi,
I came across a possible bug in one of your rules.
https://github.com/SigmaHQ/sigma/blob/master/rules/windows/builtin/security/win_security_dcsync.yml#L29
The rule didn't match this event…
-
-
```
mimikatz # privilege::debug
Privilege '20' OK
mimikatz # ts::logonpasswords
!!! Warning: false positives can be listed !!!
Domain : DESKTOP-BSBG8R2
UserName : admin
Pas…
-
How is this MImikatz shellcode generated?
-
Do you have any .cna file of mimikatz so I can update the version from cobalt strike with this one?
-
## Summary
[ChromeKatz](https://github.com/Meckazin/ChromeKatz) is ~Mimikatz for Chrome engine browsers.
### Motivation
Cookies are delicious and in the case of offsec work incredibly nut…
-
Just thought of this whilst going though "AT is the New Black", but do we actually have any decent documentation on Mimikatz and WCE? If not it would be good to add in some good documentation on these…
-
Hello!
i'm studying the Skeleton Key Attack, in the original paper (https://www.virusbulletin.com/uploads/pdf/magazine/2016/vb201601-skeleton-key.pdf) they described that this attack is able to mod…
-
Hey there!
First off really awesome project!
As the title says, I've been noticing that most obfuscated Powershell scripts (specifically PowerSploit scripts) seem to be incompatible on Powershell…
-
after dumping the whole memory with winpmem xx.raw
and then extract lsass.exe using volatility3 we couldn't get access to the lsass using mimikatz
error always showing opening memory in mimikatz. …