Skip to content
A tool to spray love around the world.
Branch: master
Clone or download
Latest commit 8ab9ba0 Dec 5, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
core re-add logo Dec 5, 2019
misc flush creds Dec 5, 2019
submodules verbosity level Dec 3, 2019
.gitmodules Impacket as git submodules Sep 9, 2019
.gtignore Threading + Refactoring Sep 9, 2019
LICENSE Create LICENSE Sep 9, 2019 re-add logo Dec 5, 2019
preview.gif re-add preview gif Dec 5, 2019
requirements.txt Add remote parsing of dumps Dec 3, 2019 Add remote parsing of dumps Dec 3, 2019


Spray love around the world


Title Description
About Brief Description about the tool
Installation Installation and Requirements
Usage How to use Spraykatz
Acknowlegments Acknowlegments


Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.

It simply tries to procdump machines and parse dumps remotely in order to avoid detections by antivirus softwares as much as possible.


This tool is written for python>=3. Do not use this on production environments!


On a fresh updated Ubuntu.

apt update
apt install -y python3.6 python3-pip git nmap
git clone --recurse-submodules
cd spraykatz
pip3 install -r requirements.txt

Using Spraykatz

A quick start could be:

./ -u H4x0r -p L0c4L4dm1n -t


Mandatory arguments

Switches Description
-u, --username User to spray with. He must have admin rights on targeted systems in order to gain remote code execution.
-p, --password User's password or NTLM hash in the LM:NT format.
-t, --targets IP addresses and/or IP address ranges. You can submit them via a file of targets (one target per line), or inline (separated by commas).

Optional arguments

Switches Description
-d, --domain User's domain. If he is not member of a domain, simply use -d . instead.
-v, --verbosity Verbosity mode {warning, info, debug}. Default == info.


Spraykatz uses slighlty modified parts of the following projects:

Written by Lydéric Lefebvre

You can’t perform that action at this time.