Skip to content
Python script to parse txt files containing Mimikatz output
Branch: master
Clone or download
Latest commit df3313c Apr 14, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitattributes Initial commit Apr 2, 2019


KatzKatz is a python tool to parse text files containing output from Mimikatz sekurlsa::logonpasswords module. When performing an internal network pentest sometimes you found yourself gathering many lsass.exe process dumps, open them using Mimikatz in order to extract clear text passwords and\or NTLM password hashes. Once you getter many of those (and usually some of them contain many credential sets) it becomes a bit cumbersome to track and understand which users you compromised. KatzKatz will parse those for you and will output a CSV file containing only valid* sets so you can filter more easily and get the ones you need.

Specific features

The tool will only parse valid* sets of credentials and will omit the 'null' ones. In addition, it will compare the output and will save only unique sets of credentials.

*I'm not sure if 'valid' is the right word, KatzKatz will save results that containing at least username + password and\or NTLM password hash.

How to use it

First, install the needed dependencies:

pip install -r requirments.txt

Second, run the tool with the needed flags:

python -f [FILENAME]

Options to consider

  • -f-F
    • single file or folder containing text files
  • -o
  • output file name (csv)


This was tested with python 2.7 and Mimikatz 2.0+ version


Using the script on a folder containing multiple text and dmp files: Sample


I got a lot of ideas from MWR Labs - And of course, is one of the most amazing and used tools.

Issues, bugs and other code-issues

Yeah, I know, this code isn't the best. I'm fine with it as I'm not a developer and this is part of my learning process. If there is an option to do some of it better, please, let me know.

Not how many, but where.

You can’t perform that action at this time.