BuildMimikatzfromscratch

This playlist is a practical deep dive into recreating the core functionalities of Mimikatz from the ground up using C++. Instead of relying on prebuilt tools, you'll learn how each feature works at the lowest level — from dumping LSASS memory and extracting credentials, to abusing SeImpersonatePrivilege for token impersonation. Throughout the series, we explore Windows internals, process memory access, privilege escalation, token manipulation, and credential extraction techniques. Topics include: LSASS memory dumping and analysis User impersonation via SeImpersonatePrivilege Kerberos ticket extraction and manipulation Pass-the-Hash and Pass-the-Ticket techniques Understanding and using Windows API for security tooling Token duplication and privilege escalation strategies This series is designed for red teamers, security researchers, and advanced learners who want to truly understand Windows offensive tooling — not just execute it. By writing the logic yourself, you'll gain a deeper grasp of how credential access, lateral movement, and post-exploitation techniques work in real environments. Whether you're building your own tools, studying for an advanced certification, or improving your detection capabilities, this playlist gives you the foundation to operate at a much deeper level in Windows security.

Course Chapters