How to Install and Use Mimikatz
What Is Mimikatz?
Mimikatz is an open-source tool widely used by cybersecurity professionals to test system security.
It allows extraction of plaintext passwords, password hashes, PIN codes, and Kerberos tickets directly
from a Windows system’s memory. Due to these capabilities, Mimikatz is commonly used in ethical hacking
and penetration testing.
Who Uses Mimikatz and Why?
Mimikatz is primarily used by information security specialists for:
- Security analysis – evaluating protection against credential-based attacks.
- Vulnerability assessment – checking how securely passwords and Kerberos tickets are stored.
- Training and demonstrations – showing administrators and engineers real-world attack techniques.
However, Mimikatz may also be abused by malicious actors for:
- Pass-the-Hash and Pass-the-Ticket attacks – using stolen credentials without knowing the original password.
- Unauthorized access – accessing protected systems with compromised authentication data.
- Post-exploitation – maintaining access after an initial breach.
Important: Using Mimikatz on systems without authorization is illegal and may lead to criminal liability.
Prerequisites
Before you begin, make sure you have:
- A Windows system – Mimikatz is designed for Windows operating systems.
- Administrative privileges – required for many Mimikatz features.
- Antivirus configured or disabled – many security solutions detect Mimikatz as malicious.
Step 1: Download Mimikatz
- Visit the official repository:
  Go to the Mimikatz GitHub repository.
- Download the latest release:
  - Open the Releases section.
  - Download the latest archive (for example, mimikatz_trunk.zip).
- Extract the archive:
  - Right-click the ZIP file and select Extract All.
  - Choose a destination directory.
Step 2: Run Mimikatz
- Open Command Prompt as Administrator:
  - Press Windows + X and select Command Prompt (Admin) or Windows PowerShell (Admin).
- Navigate to the Mimikatz directory:
  cd C:\Path\To\Mimikatz\x64
  Ensure this directory contains mimikatz.exe.
- Launch Mimikatz:
  mimikatz.exe
  If the mimikatz # prompt appears, the tool has started successfully.
Step 3: Basic Mimikatz Commands
Mimikatz provides multiple commands for extracting credentials from memory.
1. Getting Passwords
To retrieve plaintext passwords stored in memory:
mimikatz # sekurlsa::logonpasswords
This command displays credentials available in system memory.
2. Dumping Credentials from a Memory Dump
To extract credentials from a memory dump file:
mimikatz # sekurlsa::minidump <path_to_dmp_file>
You can create a dump file using tools such as Task Manager or ProcDump.
3. Extracting Kerberos Tickets
To list Kerberos tickets from the current session:
mimikatz # kerberos::list
4. Exporting Credentials to a File
To save extracted credentials to a text file:
mimikatz # sekurlsa::logonpasswords > credentials.txt
The output will be written to credentials.txt.
Step 4: Advanced Usage
Mimikatz also includes advanced functionality for deeper security analysis:
- Golden Ticket creation – generating Kerberos tickets that can impersonate domain users.
- Pass-the-Hash attacks – authenticating using NTLM hashes instead of plaintext passwords.
- Credential dumping – extracting NTLM hashes from SAM and other credential stores.
Important Considerations
- Ethical use – always obtain explicit permission before using Mimikatz.
- Antivirus detection – expect alerts or blocks from security software.
- Testing environment – use Mimikatz in a lab or virtual machine whenever possible.
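As an added example (not part of the original page or of the Mimikatz project), the following Python code shows how a defender could flag the Step 3 commands in process-creation logs. The events are constructed samples, the field names Image and CommandLine are assumed to follow Sysmon Event ID 1, and classify and triage are hypothetical helper names.

```python
import re

# Module::command strings shown in Step 3 of this page.
PAGE_COMMANDS = ("sekurlsa::logonpasswords", "sekurlsa::minidump", "kerberos::list")
# Modules those commands belong to; any command from them is worth a look.
PAGE_MODULES = {"sekurlsa", "kerberos"}
MODULE_CMD = re.compile(r"\b([a-z]+)::[a-z]+\b")

def classify(event):
    """Return sorted reasons why a process-creation event resembles Mimikatz use."""
    image = event.get("Image", "").lower()
    cmdline = event.get("CommandLine", "").lower()
    reasons = set()
    # Weak signal: default file name (misses renamed copies).
    if image.rsplit("\\", 1)[-1] == "mimikatz.exe":
        reasons.add("image-name")
    # Strong signal: exact commands from this page passed as arguments.
    for cmd in PAGE_COMMANDS:
        if cmd in cmdline:
            reasons.add("command:" + cmd)
    # Broader signal: any module::command using a module named on this page.
    for match in MODULE_CMD.finditer(cmdline):
        if match.group(1) in PAGE_MODULES:
            reasons.add("module:" + match.group(1))
    return sorted(reasons)

# Constructed sample events (assumed Sysmon Event ID 1 field names).
SAMPLE_EVENTS = [
    {"Image": r"C:\Tools\mimikatz\x64\mimikatz.exe", "CommandLine": "mimikatz.exe"},
    {"Image": r"C:\Users\Public\svc.exe", "CommandLine": "svc.exe sekurlsa::logonpasswords"},
    {"Image": r"C:\Windows\System32\klist.exe", "CommandLine": "klist.exe tickets"},
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -Command [System.IO.Path]::GetTempPath()"},
]

def triage(events):
    """Return (image, reasons) pairs for events with at least one reason."""
    return [(e["Image"], classify(e)) for e in events if classify(e)]

if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_EVENTS):
        print(image, reasons)
```

Commands typed at the interactive mimikatz # prompt do not appear in process command lines, so this check only covers the file name and commands passed as arguments.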
Conclusion
Mimikatz is a powerful tool for security professionals, offering deep insight into Windows authentication
mechanisms and credential handling. When used responsibly, it helps identify weaknesses and improve
security posture. Always operate within legal and ethical boundaries.
