Metadata-Version: 2.1
Name: lsassy
Version: 2.1.1
Summary: Python library to parse remote lsass dumps
Home-page: https://github.com/hackanddo/lsassy
Author: Pixis
Author-email: hackndo@gmail.com
License: MIT
Description: # lsassy
        
        [![PyPI version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=py&type=6&v=2.1.1&x2=0)](https://pypi.org/project/lsassy/) [![Twitter](https://img.shields.io/twitter/follow/hackanddo?label=HackAndDo&style=social)](https://twitter.com/intent/follow?screen_name=hackanddo)
        
        ![Example](https://github.com/Hackndo/lsassy/raw/master/assets/example.png)
        
        Python library to remotely extract credentials on a set of hosts. This [blog post](https://en.hackndo.com/remote-lsass-dump-passwords/) explains how it works.
        
        This library uses the [impacket](https://github.com/SecureAuthCorp/impacket) project to remotely read the necessary bytes from an lsass dump and [pypykatz](https://github.com/skelsec/pypykatz) to extract credentials.
        
        | Chapters                                     | Description                                             |
        |----------------------------------------------|---------------------------------------------------------|
        | [Requirements](#requirements)                | Requirements to install lsassy from source              |
        | [Documentation](#documentation)              | Lsassy documentation                                    |
        | [CrackMapExec Module](#crackmapexec-module)  | Link to CrackMapExec module included in this repository |
        | [Issues](#issues)                            | Read this before creating an issue                      |
        | [Acknowledgments](#acknowledgments)          | Kudos to these people and tools                         |
        | [Contributors](#contributors)                | People contributing to this tool                        |
        
        ## Requirements
        
        * Python >= 3.6
        
        ## Documentation
        
        The tool is fully documented in the project's [wiki](https://github.com/Hackndo/lsassy/wiki).
        
        ### Installation
        
        * [Installation](https://github.com/Hackndo/lsassy/wiki/Lsassy-Installation)
        
        ### Standalone
        
        * [Basic Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-Basic-Usage)
        * [Advanced Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-Advanced-Usage)
        
        ### Library
        
        * [Basic Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-lib-Basic-Usage)
        * [Advanced Usage](https://github.com/Hackndo/lsassy/wiki/Lsassy-lib-Advanced-Usage)
        
        ### CrackMapExec module
        
        * [Installation](https://github.com/Hackndo/lsassy/wiki/CME-Installation)
        * [Basic Usage](https://github.com/Hackndo/lsassy/wiki/CME-Basic-Usage)
        * [Advanced Usage](https://github.com/Hackndo/lsassy/wiki/CME-Advanced-Usage)
        
        ## CrackMapExec module
        
        I wrote a CrackMapExec module that uses **lsassy** to extract credentials on compromised hosts.
        
        The CrackMapExec module is in the `cme` folder: [CME Module](https://github.com/Hackndo/lsassy/tree/master/cme)
        
        ## Issues
        
        If you find an issue with this tool (that's very plausible!), please:
        
        * Check that you're using the latest version.
        * Send as many details as possible.
            - For standalone **lsassy**, please use maximum verbosity `-vv`
            - For the CME module, please use the CrackMapExec `--verbose` flag
        
        ## Changelog
        
        ```
        v2.1.0
        ------
        * Kerberos authentication support (Thank you laxa for PR)
        * Add CME module for python3
        * Update bloodhound queries for BloodHound3
        * Bug fixes
        
        v2.0.0
        ------
        * Multiprocessing support to dump credentials on multiple hosts at a time
        * Add new dumping method using "dumpert"
        * Can be used as a library in other python projects
        * Syntax changed to be more flexible
        * Complete code refactoring, way more organized and easy to maintain/extend
        * Better error handling
        * Complete wiki
        
        v1.1.0
        ------
        * Better execution process : --method flag has been added and described in help text
        * Uses random dump name
        * Choose between cmd, powershell, dll and/or procdump methods
        * CME module is now using light lsassy WMIExec and TASKExec implementation
        * Bug fixes
        
        v1.0.0
        ------
        * Built-in lsass dump
            - Lsass dump using built-in Windows
            - Lsass dump using procdump (using -p parameter)
        * Add --dumppath to ask for remote parsing only
        * Code refactoring
        * Add --quiet to quiet output
        
        v0.2.0
        ------
        * Add BloodHound option to CME module (-o BLOODHOUND=True)
            - Set compromised targets as "owned" in BloodHound
            - Check if compromised users have at least one path to domain admin
        * Custom parsing (json, grep, pretty [default])
        * New --hashes option to lsassy
        * Include CME module in repository
        * Add credentials to CME database
        
        
        v0.1.0
        ------
        First release
        ```
        
        ## Acknowledgments
        
        * [Impacket](https://github.com/SecureAuthCorp/impacket)
        * [SkelSec](http://twitter.com/skelsec) for Pypykatz, but also for his patience and help
        * [mpgn](https://twitter.com/mpgn_x64) for his help and ideas
        
        ## Contributors
        
        * [ITPPA](https://github.com/ITPPA/)
        * [viaccoz](https://github.com/viaccoz)
        * [blurbdust](https://github.com/blurbdust)
        * [exploide](https://github.com/exploide)
        * [Laxa](https://github.com/Laxa)
        
Platform: UNKNOWN
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.6
Description-Content-Type: text/markdown
