Dumping

MITRE ATT&CK™ Techniques T1003 and T1552

Theory

When gaining control of a computer or account, useful information can often be obtained, sometimes leading to the compromise of additional objects. Many techniques can be carried out for credential dumping (either in the form of plaintext passwords, hashed passwords, or tickets).

Resources

OS Credential Dumping, Technique T1003 - Enterprise | MITRE ATT&CK®

PreviousCredentials NextSAM & LSA secrets

Last updated 9 months ago