# Credential Access & Dumping

- [Dumping Credentials from Lsass Process Memory with Mimikatz](/offensive-security/credential-access-and-credential-dumping/dumping-credentials-from-lsass.exe-process-memory.md): Local Security Authority (LSA) credential dumping with in-memory Mimikatz using powershell.
- [Dumping Lsass Without Mimikatz](/offensive-security/credential-access-and-credential-dumping/dump-credentials-from-lsass-process-without-mimikatz.md)
- [Dumping Lsass without Mimikatz with MiniDumpWriteDump](/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass.md): Evasion, Credential Dumping
- [Dumping Hashes from SAM via Registry](/offensive-security/credential-access-and-credential-dumping/dumping-hashes-from-sam-registry.md): Security Accounts Manager (SAM) credential dumping with living off the land binary.
- [Dumping SAM via esentutl.exe](/offensive-security/credential-access-and-credential-dumping/dumping-sam-via-esentutl.exe.md)
- [Dumping LSA Secrets](/offensive-security/credential-access-and-credential-dumping/dumping-lsa-secrets.md)
- [Dumping and Cracking mscash - Cached Domain Credentials](/offensive-security/credential-access-and-credential-dumping/dumping-and-cracking-mscash-cached-domain-credentials.md)
- [Dumping Domain Controller Hashes Locally and Remotely](/offensive-security/credential-access-and-credential-dumping/ntds.dit-enumeration.md): Dumping NTDS.dit with Active Directory users hashes
- [Dumping Domain Controller Hashes via wmic and Vssadmin Shadow Copy](/offensive-security/credential-access-and-credential-dumping/dumping-domain-controller-hashes-via-wmic-and-shadow-copy-using-vssadmin.md)
- [Network vs Interactive Logons](/offensive-security/credential-access-and-credential-dumping/network-vs-interactive-logons.md): This lab explores/compares when credentials are susceptible to credential dumping.
- [Reading DPAPI Encrypted Secrets with Mimikatz and C++](/offensive-security/credential-access-and-credential-dumping/reading-dpapi-encrypted-secrets-with-mimikatz-and-c++.md)
- [Credentials in Registry](/offensive-security/credential-access-and-credential-dumping/t1214-credentials-in-registry.md): Internal recon, hunting for passwords in Windows registry
- [Password Filter](/offensive-security/credential-access-and-credential-dumping/t1174-password-filter-dll.md): Credential Access
- [Forcing WDigest to Store Credentials in Plaintext](/offensive-security/credential-access-and-credential-dumping/forcing-wdigest-to-store-credentials-in-plaintext.md)
- [Dumping Delegated Default Kerberos and NTLM Credentials w/o Touching Lsass](/offensive-security/credential-access-and-credential-dumping/dumping-delegated-default-kerberos-and-ntlm-credentials-without-touching-lsass.md)
- [Intercepting Logon Credentials via Custom Security Support Provider and Authentication Packages](/offensive-security/credential-access-and-credential-dumping/intercepting-logon-credentials-via-custom-security-support-provider-and-authentication-package.md): Credential Access, Persistence
- [Pulling Web Application Passwords by Hooking HTML Input Fields](/offensive-security/credential-access-and-credential-dumping/stealing-web-application-credentials-by-hooking-input-fields.md): Credential Access, Keylogger
- [Intercepting Logon Credentials by Hooking msv1\_0!SpAcceptCredentials](/offensive-security/credential-access-and-credential-dumping/intercepting-logon-credentials-by-hooking-msv1_0-spacceptcredentials.md): Hooking, Credential Stealing
- [Credentials Collection via CredUIPromptForCredentials](/offensive-security/credential-access-and-credential-dumping/credentials-collection-via-creduipromptforcredentials.md)