Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Mimikatz is an open-source application that allows users to manipulate authentication credentials in Windows systems. Created to work as a proof of concept tool for Windows security, Mimikatz has been used by hackers to compromise many different types of systems.
As an application with the ability to store credentials, Mimikatz can be used to steal authentication credentials and create illegitimate privileges. Common types of Mimikatz attacks include pass-the-hash attacks, where hackers get control of hash strings to crack passwords; pass-the-ticket attacks where Mimikatz users abuse Kerberos tickets; and golden or silver ticket attacks, in which the hacker, again through the abuse of Kerberos credentials, gets wide-ranging access to many parts of a system.
Mimikatz is a tool that views and saves Kerberos credentials, so it can be used fraudulently as an access tool. Essentially, the hacker is obtaining authentication credentials and data that will be used to infiltrate systems through the use of this open-source storage application.