In this tutorial, I again enumerated users, groups, memberships, and domain controllers. Then I did port scanning of the domain controller after locating its hostname and its active users. Then we used mimikatz to dump the password hashes of the workstation we compromised. We used PowerShell alongside PowerSploit to accomplish this.

Skills Learned

  • PowerShell
  • Mimikatz
  • PowerSploit

Get OSCP Certificate Notes

Video Walk-through



About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles