PowerDump

PowerDump project includes various PowerShell scripts for Windows credential harvesting.

Functions

Invoke-DpapiDump                -   dumps system credentials protected by DPAPI
Invoke-DpapiUserDump            -   dumps current user credentials protected by DPAPI
Invoke-HiveDump                 -   dumps credentials from registry hives
Invoke-LsassDump                -   dumps credentials from LSASS process

Acknowledgments

DpapiDump is based on the following projects:

SharpDPAPI, by @harmj0y
WifiSquid

HiveDump is based on the following projects:

Invoke-PowerDump from Empire, by @darkoperator and @Cx01N
AD utils from AADInternals, by @NestoriSyynimaa

LsassDump is based on the following project:

MiniDump, by @cube0x0

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
DpapiDump.ps1		DpapiDump.ps1
DpapiUserDump.ps1		DpapiUserDump.ps1
HiveDump.ps1		HiveDump.ps1
LICENSE		LICENSE
LsassDump.ps1		LsassDump.ps1
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DpapiDump.ps1

DpapiDump.ps1

DpapiUserDump.ps1

DpapiUserDump.ps1

HiveDump.ps1

HiveDump.ps1

LICENSE

LICENSE

LsassDump.ps1

LsassDump.ps1

README.md

README.md

Repository files navigation

PowerDump

Functions

Acknowledgments

About

Languages

License

tmenochet/PowerDump

Folders and files

Latest commit

History

Repository files navigation

PowerDump

Functions

Acknowledgments

About

Resources

License

Stars

Watchers

Forks

Languages