Windows Red Team Credential Access Techniques - Red Team Series

Explore Windows Red Team credential access techniques in this comprehensive 41-minute video from the HackerSploit Red Team series. Dive into the concept of credential access and its importance in cybersecurity. Learn about various tools and methods used for stealing credentials, including mimikatz, meterpreter, and Windows Credentials Editor. Discover how to use these tools to dump login passwords, extract hashes, and exploit vulnerabilities in Windows systems. Gain hands-on experience with practical demonstrations on multiple Windows targets, covering techniques such as keylogging, credential dumping, and token impersonation. Understand how to leverage the Mitre ATT&CK framework for credential access and explore advanced topics like using John the Ripper for password cracking. Perfect for cybersecurity professionals and enthusiasts looking to enhance their red team skills and understand the intricacies of Windows credential access techniques.

Introduction
What We’ll Be Covering
What is Credential Access?
Mitre Attack Techniques - Credential Access
Let’s Get Started
What is mimikatz?
Using mimikatz with our High Integrity Agent
Are There Any Login Passwords in Memory?
Using lsadump
Using the meterprater
Preparing the mimikatz Binaries
Dumping the Login Passwords
Using hash dump
Loading mimikatz with load_kiwi
Using the lsa_dump_sam and lsa_dump_secrets Command
Results from the Powershell Agent
Using the mimikatz-cache Module
Locating Our unattended.xml File
Uploading the Binary to the Target
Listing Login Sessions
Our Second Windows Target
Running mimikatz Modules using Starkiller
Listing Tokens We Can Impersonate
Uploading mimikatz
Using logonpasswords
Using lsadump::sam
Using sekursla::logonpasswords
Using the Windows Credentials Editor
Using hashdump
Using johntheripper
Conclusion