Internal-Monologue - Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

  •        9

Mimikatz, developed by Benjamin Delpy (@gentilkiwi), is a well-regarded post-exploitation tool, which allows adversaries to extract plain text passwords, NTLM hashes and Kerberos tickets from memory, as well as perform attacks such as pass-the-hash, pass-the-ticket or build a golden ticket. Arguably, the primary use of Mimikatz is retrieving user credentials from LSASS process memory for use in post exploitation lateral movement. Recently, Microsoft has introduced Credential Guard in Windows 10 Enterprise and Windows Server 2016, which uses virtualization-based security to isolate secrets, and it is very effective in preventing Mimikatz from retrieving hashes directly from memory. Also, Mimikatz has become a prime target of most endpoint protection solutions, and they are very aggressive in their efforts to detect and prevent it. Although these efforts are bound to fail, they are increasingly becoming a nuisance.

https://github.com/eladshamir/Internal-Monologue

Tags
Implementation
License
Platform

   




Related Projects

vim-olive - Vim Mode Line Verifier

  •    VimL

Vim Mode Line Verifier

vim-mash - Motion Activated Search Highlighter for Vim

  •    VimL

Motion Activated Search Highlighter for Vim

vim-grillz - Flash your wicked grillz!

  •    VimL

Flash your wicked grillz!

vim-foist - Complete whole lines from any partial therein

  •    VimL

Complete whole lines from any partial therein

vim-efmc - Vim Error Format Compiler

  •    VimL

Vim Error Format Compiler


uzbl-utrs - mkng uzbl tlrbl

  •    Javascript

mkng uzbl tlrbl

toycsv - A toy CSV parser written in ruby + lexr + racc

  •    Ruby

A toy CSV parser written in ruby + lexr + racc

tiktok - TikTok provides a simple asynchronous timer object for VimL.

  •    VimL

TikTok provides a simple asynchronous timer object for VimL.

tabby - Using Vim's Tabs the Right Way

  •    VimL

Using Vim's Tabs the Right Way

SohiVila - GNU source-highlight Vim language

  •    

GNU source-highlight Vim language

SinTax - A DSL for generating Vim syntax highlighting files

  •    VimL

A DSL for generating Vim syntax highlighting files

rkdots - Generate a graphviz visualisation of the given javascript statement.

  •    Ruby

Generate a graphviz visualisation of the given javascript statement.

RelNumBar - Show relativenumbers alongside normal numbers in Vim

  •    VimL

Show relativenumbers alongside normal numbers in Vim

Punisher - Punisher hurts you where it hurts most - your time.

  •    VimL

Punisher hurts you where it hurts most - your time.

noisy - Don't chat quietly (weechat channel noises)

  •    Perl

Don't chat quietly (weechat channel noises)

newlisp-manual - Asciidoc version of the newLISP manual

  •    Common

Asciidoc version of the newLISP manual

Marathon-Wow - Wow Even Longer

  •    Common

Wow Even Longer

Land-of-newLISP - Selected snippets from Land of Lisp rewritten in newLISP

  •    Common

Selected snippets from Land of Lisp rewritten in newLISP

Fossilise - Poor man's collaborative editing in Vim

  •    VimL

Poor man's collaborative editing in Vim

firstly - Convert Between Numeric, Spelt, and Short & Long Ordinal Forms of Numbers

  •    VimL

Convert Between Numeric, Spelt, and Short & Long Ordinal Forms of Numbers