Mastering Mimikatz and Kekeo

Online Training date: November 02-04, 2021.

Abstract

In this training class we will go over most of the capabilities that bot Mimikatz and Kekeo provide. These POCs (Proof of Concept Code) samples developed by Benjamin Delpy in his quest for deeper understanding of several technologies have changed the security landscape. In this training class we will cover from the usual password extraction, using Mimikatz as a RAT, working with processes, Terminal Service, Certificates and much more.

Description

This class goes over the the capabilities of Mimikatz and Kekeo, Student will be surprised at all the capabilities such as set of small binaries has. Student will come out of it learning new capabilities that they thought Mimikatz did not had. Class will cover each technique and also provide IOCs where possible,

The training class will cover:

  • Basic use of Mimikatz and Keko
  • Working with Processes and Tokens
  • Working with Services
  • Working at Kernel Level and interacting with the UFEI
  • Using Mimikatz as a RAT via RPC and SMB as a control and command channel.
  • Extracting credentials from LSA
  • Extracting Credentials from LSASS
  • Kerberos Attacks *. Actings as a Domain Controller
  • Abusing Terminal Services
  • Abusing ADCS

.. and more

About the Speaker