Benjamin Delphy on Kekeo, successor to mimikatz. (Video)

BlueHat IL 2019 – Benjamin Delpy (@gentilkiwi) – You (dis)liked mimikatz? Wait for kekeo – YouTube

From the comments: 

“If you enjoyed playing with Kerberos, ASN1, security providers…, then you’ll love adopting this furry, sweet animal. From its birth with MS14-068 to cleartext passwords without local administrator rights, you’ll know everything about this animal. This talk will embed CredSSP and TSSP with cleartext credential, explore a little bit about PKINITMustiness and the RSA-on-the-fly for Kerberos with PKI!”

Mimikatz on Windows Server 2019… nice music.

DoktorCranium is fiddling around with Windows Server 2019 Insider Preview Build 17650 and Mimikatz, a security tool used by hackers e.g. for intruding the German parliament, the Bundestag in 2015/2016 . “Bypassing Windows Defender, Loading meterpreter, and executing the latest Mimikatz just for fun.” Why? Because he can. And Open Source rocks. I still find it hard to believe so many security-sensitive environments still use software from the shelf. And if you like Benjamin Delphy’s work, look at this video about Kekeo:

Windows Server 2019 Insider Preview Metasploit/Mimikatz tests – YouTube