Mimikatz exploits Windows' single sign-on capability to harvest credentials. Until Windows 10, a feature called WDigest was used to save encrypted passwords to memory along with the secret key to decrypt them. Mimikatz also adjusts itself to stay on top of changes, which makes it the perfect tool for threat groups that can develop their own methods of injecting the tool to carry out their attacks successfully and steer clear of any endpoint security controls that may stand in their way.
In this video, we explain what Mimikatz is, the Mimikatz commands, how the tool works, and ways to defend against Mimikatz attacks. Watch the video to learn more. Three minutes is all it takes!