[homepage]https://github.com/skelsec/pypykatz[/homepage]
[tags]passwords,cracker,windows,bruteforce,ntlm,python[/tags]
[short_descr]Mimikatz implementation in pure Python.[/short_descr]
[long_descr]Platform independent - all commands have a "live" and a normal version where applicable. The "live" version uses the current system and only works on Windows. The normal commands are platform independent. Can be used as a library for your projects.
LSASS processing:
Can parse the secrets hidden in the LSASS process. This is just like mimikatz's sekurlsa:: but with different commands.
The main difference here is that all the parsing logic is separated from the data source, so if you define a new reader object you can basically perform the parsing of LSASS from anywhere.
Registry processing:
Parses the registry hives to obtain stored credentials, like NT and LM hashes, domain cached credentials (DCC/DCC2) and LSA secrets.
DPAPI functions - MASTERKEY/BLOB/VAULT/CREDENTIAL:
DPAPI is the protector of local secrets of many kinds. Currently the project supports decrypting masterkeys, dpapi blobs, credential files, vault files. The results are not 100% correct, as there is not much documentation on most of these things.
Impersonating users:
Can spawn a new process as any user who has a process running on the machine. Can assign any available token of your choice to your thread.[/long_descr]
[image]https://raw.githubusercontent.com/gwen001/offsectools_www/main/c2f41c6e4327a57d417e694097cab89a.png[/image]