Python library to remotely extract credentials on a set of hosts. This blog post explains how it works.
This library uses the impacket project to remotely read the necessary bytes in an lsass dump, and pypykatz to extract credentials.
Chapters | Description |
---|---|
Requirements | Requirements to install lsassy from source |
Documentation | Lsassy documentation |
CrackMapExec Module | Link to CrackMapExec module included in this repository |
Issues | Read this before creating an issue |
Acknowledgments | Kudos to these people and tools |
Contributors | People contributing to this tool |

Requirements
------
- Python >= 3.6

Documentation
------
The tool is fully documented in the project's wiki.

CrackMapExec Module
------
- The CrackMapExec module is now part of the CrackMapExec project
- The CME module is documented in the project's wiki

v2.1.0
------
* Kerberos authentication support (Thank you laxa for PR)
* Add CME module for python3
* Update bloodhound queries for BloodHound3
* Bug fixes
v2.0.0
------
* Multiprocessing support to dump credentials on multiple hosts at a time
* Add new dumping method using "dumpert"
* Can be used as a library in other python projects
* Syntax changed to be more flexible
* Complete code refactoring, way more organized and easy to maintain/extend
* Better error handling
* Complete wiki
v1.1.0
------
* Better execution process: --method flag has been added and described in help text
* Uses random dump name
* Choose between cmd, powershell, dll and/or procdump methods
* CME module is now using light lsassy WMIExec and TASKExec implementation
* Bug fixes
v1.0.0
------
* Built-in lsass dump
  * Lsass dump using built-in Windows
  * Lsass dump using procdump (using -p parameter)
* Add --dumppath to ask for remote parsing only
* Code refactoring
* Add --quiet to quiet output
v0.2.0
------
* Add BloodHound option to CME module (-o BLOODHOUND=True)
  - Set compromised targets as "owned" in BloodHound
  - Check if compromised users have at least one path to domain admin
* Custom parsing (json, grep, pretty [default])
* New --hashes option to lsassy
* Include CME module in repository
* Add credentials to CME database
v0.1.0
------
First release