Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybersecurity_technique
|
| gptkbp:canBe |
gptkb:Mimikatz
pwdump reg save |
| gptkbp:category |
post-exploitation technique
credential access |
| gptkbp:countermeasures |
LSA protection
enabling Credential Guard restricting administrator access |
| gptkbp:detects |
SIEM systems
security monitoring tools |
| gptkbp:enables |
lateral movement
offline password cracking |
| gptkbp:privileges |
administrator access
|
| gptkbp:relatedTo |
gptkb:Windows_operating_system
gptkb:Security_Account_Manager |
| gptkbp:target |
SAM database
|
| gptkbp:usedBy |
penetration testers
attackers |
| gptkbp:usedFor |
extracting password hashes
|
| gptkbp:bfsParent |
gptkb:CrackMapExec
|
| gptkbp:bfsLayer |
8
|
| https://www.w3.org/2000/01/rdf-schema#label |
SAM dumping
|