Why would an attacker use Mimikatz once they gained access to a system?
A. to create a tunnel for covert communication channels back to the attacker network
B. to list the user accounts currently logged on to the machine
C. to create a new domain user account to log in to so regular users will not notice their activity
D. to extract passwords and hashes for user accounts that have logged on to the system