Amnesiac

Hive

Dump SAM and Cached Creds | https://github.com/tmenochet/PowerDump

The Hive command in Amnesiac allows users to perform credential extraction from the SAM database (which contains password hashes for local user accounts on the target system), and cached domain credentials extraction.

To ensure successful execution of the Hive command, users may need to bypass AMSI using the Patch command.

Last updated 6 months ago