Empire & Mimikatz Detection by SentinelOne

What if we were to tell you that there was a magical tool that could greatly simplify the discovery and pillaging of credentials from Windows-based hosts? This tool would be a welcome addition to any criminal’s toolbelt, as it would be also for pentesters, Red Team members, black hats, white hats, indeed anyone interested in compromising computer security. Now, what if we told you it was FREE and already built into many of your favorite tools and malware campaigns/kits/frameworks? Sounds exciting right!!!
But then you probably already know, this is no wish list or some private NSA hacking tool, but the well-established mimikatz. In this post, we take a look at what mimikatz is, how it has been used, why it still works, and how to successfully protect endpoints against its use.
Read More: https://www.sentinelone.com/blog/what-is-mimikatz-and-why-is-it-so-dangerous/