noMimikatz

This is a simple client (post exploitation) to send IRP to the mimidrv.sys driver without using mimikatz.

The mimidrv.sys driver is integrated. Administrator rights are required to install it (post exploitation)

We can choose between invoking the BSOD functionality (IRP Code 0x002) or assigning the token to each open cmd.exe and powershell.exe process System (IRP Code 0x011).

You can integrate other IRP code by referring to ''' https://github.com/gentilkiwi/mimikatz/blob/master/mimidrv/ioctl.h '''

Example of token assigned to the cmd.exe process

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.vs/noMimikatz		.vs/noMimikatz
Properties		Properties
Resources		Resources
img		img
obj/Debug		obj/Debug
App.config		App.config
Program.cs		Program.cs
README.md		README.md
noMimikatz.csproj		noMimikatz.csproj
noMimikatz.sln		noMimikatz.sln

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

noMimikatz

About

Releases

Packages

Languages

dottorvenom/noMimikatz

Folders and files

Latest commit

History

Repository files navigation

noMimikatz

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages