This lab explores/compares when credentials are susceptible to credential dumping.
Tested against Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 Build 7601
Interactive Logon (2): Initial Logon
Let's make a base password dump using mimikatz on the victim system to see what we can get before we start logging on to it using other methods such as runas, psexec, etc. To test this, the victim system was rebooted and no other attempts to login to the system were made except for the interactive logon to get access to the console: