Skip to content

S0005 Windows Credential Editor

Windows Credential Editor is a password dumping tool. 1

Item Value
ID S0005
Associated Names
Type TOOL
Version 1.1
Created 31 May 2017
Last Modified 30 March 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
enterprise T1003 OS Credential Dumping -
enterprise T1003.001 LSASS Memory Windows Credential Editor can dump credentials.1

Groups That Use This Software

References