All Services
Contact Us
- Contact Us
- Email Sign-Up
About Us
Free Resources
Training
- BHIS & Antisyphon Training
- WWHF Conference
Online Community
- Discord
- LinkedIn
- YouTube
- Bluesky
- Twitter/X
- Upcoming Events
Fun Stuff

Credential Harvesting

Attack Tool(s): GraphRunner, DonPAPI, Snaffler, Mimikatz

GraphRunner: https://github.com/dafthack/GraphRunner
DonPAPI: https://github.com/login-securite/DonPAPI
Snaffler: https://github.com/SnaffCon/Snaffler
Mimikatz: https://github.com/gentilkiwi/mimikatz

Detection Link(s):

Security Information and Event Management (SIEM) Log Analysis
User and Entity Behavior Analytics (UEBA)
Active Defense and Cyber Deception

Helpful Blogs (BHIS):

“Domain Goodness: Learned to Love AD Explorer” – https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer – Credential harvesting context.
“Indecent Exposure: Your Secrets are Showing” – https://www.blackhillsinfosec.com/indecent-exposure-your-secrets-are-showing – Snaffler usage.

BNB_CARDS_v3_15

Back to top

Black Hills Information Security, Inc.

890 Lazelle Street, Sturgis, SD 57785-1611 | 701-484-BHIS (2447)
© 2008

About Us | BHIS Tribe of Companies | Privacy Policy | Contact

Links

Search the site