# mimikatz {% embed url="" %} Mimikatz is a powerful tool that can be used for both legitimate and malicious purposes. ### **What is Mimikatz?** * Mimikatz is an open-source tool that can be used to extract sensitive information, such as passwords and credentials, from a system's memory. * It can be used by **security professionals** for activities such as penetration testing and vulnerability assessments to identify and address security weaknesses. * However, it can also be misused by **malicious actors** to gain unauthorized access to systems and networks.